On Mon, Mar 5, 2012 at 4:29 AM, Rob Kendrick <[email protected]> wrote: > ... > Although the Entropy Key does a huge amount of processing > (comparitively) before delivering that 32kbit/s: it's already mixed the > values from two sources, done entropy estimation, done FIPS statistical > tests, and pooled the data.
yes; no two sources are created equal. > I have no idea about the quality of VIA's numbers or what security they > provide in hardware against attack or verification of quality of > numbers. For all I know, they could just be exposing a noisy circuit > directly via a register. in the case of VIA XSTORE you can configure whitened output and filtering, however, it is preferred to leave the output at maximum throughput and leave the verification/processing to the entropy daemon which in turn feeds the OS/host entropy pool. this is the biggest difference between Entropy Key and other sources. it does by itself what a TRNG+EGD would provide together. _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
