Aloha!

Stephan Mueller wrote:
> I would not concur with this statement: at runtime, you cannot verify
> entropy beyond simple pattern checks. Moreover, compression (i.e.
> whitening) is not meaningful when mixing it into /dev/random as it
> has its own whitening function.

What I have argued for is to have sanity checks on the sources to at
least capture pathological cases. Things like stuck at zero/one. Then
one could add simpler tests to detect major bias and values spanning
much less than the value space. Then the RNG chain could contain
estimators such as in the Linux chain. Or one could design them away
like in the Fortuna RNG by Schneier.

We had a case where the MCU integrated radio receiver RSSI signal was
used as entropy source. The radio wasn't used for communication, which
is why it wasn't detected that the radio was in fact broken and the RSSI
always returned the same value. Not good. ;-)

--
Med vänlig hälsning, Yours

Joachim Strömbergson - Alltid i harmonisk svängning.
========================================================================

_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
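
The source sanity checks named in the message above (stuck at one value, major bias, values spanning much less than the value space), as an added example that is not part of the original post or of any project it mentions. The function names, the 256-sample window and all thresholds are assumptions chosen for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Verdicts for one window of raw samples (names are hypothetical). */
enum src_health { SRC_OK, SRC_STUCK, SRC_NARROW, SRC_BIASED };

/* Illustrative thresholds for a 256-sample window of 8-bit values
 * (assumptions, not figures from the post). */
#define WINDOW       256u
#define MAX_REPEAT   16u  /* run of identical samples that counts as stuck */
#define MIN_DISTINCT 16u  /* fewer distinct values: range far too narrow   */
#define BIAS_PCT     10u  /* tolerated deviation of one-bits from 50 %     */

enum src_health check_source(const uint8_t *s, size_t n)
{
    uint8_t seen[256] = {0};
    size_t run = 1, distinct = 0, ones = 0;
    if (n < WINDOW) return SRC_STUCK;          /* fail closed on short input */
    for (size_t i = 0; i < n; i++) {
        if (i > 0) {                           /* stuck at zero, one or any value */
            run = (s[i] == s[i - 1]) ? run + 1 : 1;
            if (run >= MAX_REPEAT) return SRC_STUCK;
        }
        if (!seen[s[i]]) { seen[s[i]] = 1; distinct++; }
        for (uint8_t b = s[i]; b; b &= (uint8_t)(b - 1)) ones++;  /* popcount */
    }
    if (distinct < MIN_DISTINCT) return SRC_NARROW;
    size_t pct = ones * 100u / (n * 8u);       /* share of one-bits, percent */
    if (pct < 50u - BIAS_PCT || pct > 50u + BIAS_PCT) return SRC_BIASED;
    return SRC_OK;
}

/* Constructed sample source: xorshift32 bytes forced through (x & mask) | fix.
 * A PRNG stands in for a working noise source only to exercise the checks. */
enum src_health check_constructed(uint8_t mask, uint8_t fix)
{
    uint8_t buf[WINDOW];
    uint32_t x = 2463534242u;
    for (size_t i = 0; i < WINDOW; i++) {
        x ^= x << 13; x ^= x >> 17; x ^= x << 5;
        buf[i] = (uint8_t)(((x >> 24) & mask) | fix);
    }
    return check_source(buf, WINDOW);
}

int main(void)
{   /* mask 0, fix 0x5A models the broken radio: RSSI always the same value. */
    return check_constructed(0x00, 0x5A) == SRC_STUCK ? 0 : 1;
}
```

A source that passes is only shown not to be pathologically broken; these checks do not estimate how much entropy it delivers.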