University of Calgary
The authors present three techniques for extracting entropy during boot on embedded devices. Their first technique times the execution of code blocks early in the Linux kernel boot process. It is simple to implement and has a negligible runtime overhead, but, on many of the devices they test, gathers hundreds of bits of entropy. Their second and third techniques, which run in the bootloader, use hardware features - DRAM decay behavior and PLL locking latency, respectively - and are therefore less portable and less generally applicable, but their behavior is easier to explain based on physically unpredictable processes.