At 03:31 PM 2/14/01 +0200, Paul N wrote:
>
>It is secure to make a onetime pad using 16 bit input from soundcard using the
>following algorithm?
>Each bit of the output is the result of XOR-ing all 16 bits from the input 
>sample... so, for making one byte of "one-time pad", I need 8 samples (16*8 
>bits or 16 bytes) of input?

This was (more than) sufficient distillation for FM-hiss when I
experimented with that.  You have to measure the entropy of your
distillate, to *know*, rather than hope.  You should also measure the
entropy of your raw measurements ---I expect ambient noise is lower entropy
than hiss.
Beware of (periodic) hum.

>Of course I allow this only if the clipping doesn't occur and there is
>no silence....

Suggestion: Interstation FM hiss is higher-volume and higher bandwidth than
ambient noise.  But again, you can measure this.  

>[I would not feel particularly comfortable merely combining the bits
>of a single sample -- distilling entropy using a hash function and
>large blocks of input would probably work out better. I'm sure there
>will be plenty of opinions around here. --Perry]

A secure hash will only obscure entropy measurement (a good hash gives
1 bit/symbol *apparent* entropy even if only few input bits change
infrequently).   You must measure your distillate's entropy before
hashing if you hash.

If you do get a distillate that passes the tests, there is really no
need for hashing ---though it can't hurt IFF the input is 1 bit/symbol.

So, how to measure entropy?  Use Shannon's entropy formula, use Maurer's
sequence-sensitive but equally fast test, and use the Diehard suite to really
look for structure.  In an OTP, after creating a pad, your program
should run these tests on the pad as a quality check.  With these
tools you can really do science and measure the effect of various
distilling functions.

Don't trust, measure.


.......
"What company did you say you were from, Mr. Hewlett?"
---Walt Disney to Bill Hewlett eetimes 22.01.01 p 32
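
An added example, not part of the original message: the XOR-fold distiller from the quoted question, with Shannon entropy measured on the distillate before and after a SHA-256 pass. The two inputs are constructed stand-ins (a seeded generator for hiss, a 50-sample periodic wave with rare low-bit flips for hum), and `hash_blocks`, `report`, `HISS` and `HUM` are hypothetical names.

```python
import hashlib, math, random
from collections import Counter

def xor_fold(sample):
    """XOR of all 16 bits of one sample (its parity), as in the quoted scheme."""
    return bin(sample & 0xFFFF).count("1") & 1

def distill(samples):
    """Pack 8 folded bits into each output byte: 8 samples -> 1 pad byte."""
    out = bytearray()
    for i in range(0, len(samples) - 7, 8):
        byte = 0
        for s in samples[i:i + 8]:
            byte = (byte << 1) | xor_fold(s)
        out.append(byte)
    return bytes(out)

def shannon_bits_per_byte(data):
    """Shannon entropy of the byte histogram, H = -sum p*log2(p); max is 8.0."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def hash_blocks(data, block=32):
    """SHA-256 over consecutive blocks (assumed post-processing step)."""
    return b"".join(hashlib.sha256(data[i:i + block]).digest()
                    for i in range(0, len(data), block))

# Constructed inputs, not real recordings. N samples of 16 bits each.
N = 65536
rng = random.Random(2001)
# Stand-in for wideband hiss: every bit of every sample varies.
HISS = [rng.getrandbits(16) for _ in range(N)]
# Stand-in for hum: a 50-sample periodic wave whose low bit rarely flips.
HUM = [(int(20000 * math.sin(2 * math.pi * (i % 50) / 50)) & 0xFFFF)
       ^ (rng.random() < 0.02) for i in range(N)]

def report():
    """Entropy (bits/byte) of each distillate, and of the hum after hashing."""
    hum_pad = distill(HUM)
    return {"hiss": shannon_bits_per_byte(distill(HISS)),
            "hum": shannon_bits_per_byte(hum_pad),
            "hum_hashed": shannon_bits_per_byte(hash_blocks(hum_pad))}

if __name__ == "__main__":
    for name, h in report().items():
        print(f"{name:11s} {h:.3f} bits/byte")
```

The hum distillate scores well below 8 bits/byte until it is hashed, after which the same measurement can no longer tell it from the hiss. A byte histogram ignores ordering, so it complements rather than replaces the sequence-sensitive tests named above.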

 






  




