At 03:25 PM 9/30/04 -0700, John Gilmore wrote:

> Crypto hardware that generates "random" numbers can't be tested in
> production in many useful ways. My suggestion would be to XOR a
> hardware-generated and a software-generated random number stream. If
> one fails, whether by accident, malice, or design, the other will
> still randomize the resulting stream. Belt AND suspenders will keep
> your source of randomness from being your weakest link.
A good idea, but also: consider that hardware-based RNGs are not so hard to make. An FM radio soundcard, audio digitizer, and some homebrew (perhaps standard-crypto-hash-based) software suffices for moderate-bandwidth true RNG construction. Using an evaluation metric like Diehard and/or a Shannon or Maurer entropy measure ices the cake (as well as being required for initial and continuing monitoring). (Insert the usual caveats about PRNGs being undetectable, OS subversion, white vans driving your FM hiss, etc.)

Very cheap and, if you can master a hash function component, not tricky. Obviously too much trouble for Joe Sixpack, but I think that certain online gambling houses (not US of course) have made their own sources, and definitely not too hard for anyone who codes and has crypto-clue. OTOH Joe can benefit from his radio-tuner card plus off-the-shelf inspectable software since he ought not to trust Bigcorp's embedded nominal RNG.

Joe Sixpack might also be an abbreviation for a foreign government. Should the Pakis really trust Intel's RNG?

PS: your belts-and-suspenders argument also applies to trusting cipher algorithms. Best to chain a few. Also useful to twiddle a few S-box bits, even if you get suboptimal properties, so as to deter cheap crackers using COTS cipher chips. (Doing dictionary regexp search, not the impractical exhaustive search, of course.) This works particularly well in large random-S-box constructs like Blowfish (et al) compared to the more spartan (thus degradable) DES S-boxes.

The weakest link will be bipedal for the foreseeable future.

=================================================
36 Laurelwood Dr
Irvine CA 92620-1299

VOX: (714) 544-9727 (home) mnemonic: P1G JIG WRAP
ICBM: -117.7621, 33.7275
PGP PUBLIC KEY: by arrangement
Send plain ASCII text not HTML lest ye be misquoted. Really.
------
"Don't 'sir' me, young man, you have no idea who you're dealing with"
Tommy Lee Jones, MIB
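The two ideas in this thread (XOR-combining a hardware and a software stream so that a silent failure of either one does not zero out the output, and running a Shannon entropy estimate as the continuing monitoring metric over a hash-conditioned sampler) as an added, self-contained example. This is not code from either poster; the "FM hiss" is a constructed, deliberately biased byte generator standing in for real digitizer samples, the software stream is a reproducible HMAC counter standing in for the OS CSPRNG, and the 7.5 bits/byte health floor is an assumed threshold, not a published one.

```python
"""Belt-and-suspenders RNG combining with hash conditioning and Shannon-entropy monitoring.
All inputs are constructed here; nothing reads a sound card or radio tuner."""
import hashlib
import hmac
import math
from collections import Counter


def shannon_entropy_bits_per_byte(data: bytes) -> float:
    """Empirical Shannon entropy of the byte histogram, in bits per byte (max 8.0).
    A monitoring metric only: a good PRNG scores 8.0 too, so it cannot prove unpredictability."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def healthy(stream: bytes, floor_bits: float = 7.5) -> bool:
    """Continuous health check: reject a stream whose byte entropy drops below the assumed floor."""
    return shannon_entropy_bits_per_byte(stream) >= floor_bits


def fake_fm_hiss(nbytes: int, seed: int = 7) -> bytes:
    """Constructed stand-in for digitized FM hiss: an LCG squashed into a narrow,
    biased 8-bit range (~5.4 bits/byte at best). Placeholder for raw ADC samples, not randomness."""
    x = seed & 0xFFFFFFFF
    out = bytearray()
    for _ in range(nbytes):
        x = (1664525 * x + 1013904223) & 0xFFFFFFFF
        out.append(100 + ((x >> 24) % 41))
    return bytes(out)


def condition_samples(raw_samples: bytes, block: int = 64) -> bytes:
    """Hash-based conditioner: each `block` raw bytes are compressed into one SHA-256 digest.
    Assumes each block carries at least 256 bits of entropy; the monitoring above is what
    backs that assumption up in practice."""
    out = bytearray()
    for i in range(0, len(raw_samples) - block + 1, block):
        out += hashlib.sha256(raw_samples[i:i + block]).digest()
    return bytes(out)


def software_stream(seed: bytes, nbytes: int) -> bytes:
    """Deterministic HMAC-SHA256 counter generator standing in for the OS CSPRNG so the
    example is reproducible. In a real system use os.urandom here."""
    out = bytearray()
    ctr = 0
    while len(out) < nbytes:
        out += hmac.new(seed, ctr.to_bytes(8, "big"), hashlib.sha256).digest()
        ctr += 1
    return bytes(out[:nbytes])


def xor_combine(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length streams. If either is uniform and independent of the other,
    the result is uniform, so a stuck or backdoored partner cannot drag it down."""
    if len(a) != len(b):
        raise ValueError("streams must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def demo(n: int = 16384) -> dict:
    """Entropy of each stage, including the two single-source failure modes."""
    hw_raw = fake_fm_hiss(n * 2)                 # 64 raw bytes -> 32 conditioned bytes
    hw = condition_samples(hw_raw)               # n bytes of conditioned "hardware" output
    sw = software_stream(b"constructed-seed", n)
    stuck_hw = bytes(n)                          # dead digitizer: all zeros
    stuck_sw = bytes([0x41]) * n                 # broken PRNG: constant output
    return {
        "raw_hiss": shannon_entropy_bits_per_byte(hw_raw),
        "conditioned_hw": shannon_entropy_bits_per_byte(hw),
        "both_healthy": shannon_entropy_bits_per_byte(xor_combine(hw, sw)),
        "combined_stuck_hw": shannon_entropy_bits_per_byte(xor_combine(stuck_hw, sw)),
        "combined_stuck_sw": shannon_entropy_bits_per_byte(xor_combine(hw, stuck_sw)),
        "stuck_hw_alone_healthy": healthy(stuck_hw),
    }


if __name__ == "__main__":
    for stage, value in demo().items():
        print(f"{stage:24s} {value}")
```

The raw hiss scores well under 6 bits/byte, conditioning lifts it to about 8, and both "one side stuck" rows stay at about 8 because the surviving stream is XORed in. The `healthy` check is what catches the stuck stream on its own, which is the point of monitoring each source separately before combining them rather than only looking at the combined output.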