-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Aloha!
Stephan Mueller wrote: > The only challenge that I see with Havege is that the algorithm is > quite complex and that the description does not fully explain why and > where the entropy comes from. Looking into the source code of > oneiteration.h, the code is also not fully clear. Havege is (if I remember correctly) a magnificent example of Duff's Device: https://en.wikipedia.org/wiki/Duff's_device The code tries to force instruction cache misses at different points on the switch-loop thereby causing a lot of pipe flushes and instruction loads from lower level caches all the way to main store. A goof comparison to Havege is Jytter that basically (AFAIK) is trying to get entropy from the same source (measuring variance in instruction timing). But Havege tries to force the creation of variance and can thus generate higher rate of entropy. In my measurements I get kbps from Jytter byt Mbps from Havege. I have yet to compare the quality as measured using Dieharder, but from my memory Havege was really good. > Considering the grilling I get with a similar RNG that I ask to be > used as a seed source for /dev/random or other crypto libs (see > thread http://lkml.org/lkml/2013/10/11/582), I would have concerns on > the algorithm. As long as one does not rely on one source - and _always_ feed the entropy to the RNG-CSPRNG chain (not replace the chain and connect the source directly to /dev/random output like with Bull Mountain) I have a hard time to see where much controversy would emerge. As long as the source produces ok quality entropy. One issue I'm thinking of is if you have more than one source, but one of them dwafs the other sources in kapacity. Say having a microphone providing whitish noise at kbps rate and then having RdRand from your Haswell CPU generating data at Gbps speed, will the microphone entropy matter? - -- Med vänlig hälsning, Yours Joachim Strömbergson - Alltid i harmonisk svängning. ======================================================================== -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAlKXCPMACgkQZoPr8HT30QHYugCgrtEwLV33ZS20PSvb/kvR8Fuq RgEAn1obSaBl/7V/IUqFMBk49bSeU1I/ =VCJ1 -----END PGP SIGNATURE----- _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
