On 5/26/15, Russell Leidich <[email protected]> wrote:
> ...
> I would welcome your longer reply,

you are patient and friendly in response to me, a jerk flinging opinions! i will send a longer response about my specific concerns for these types of entropy gathering when time permits - thank you for courtesy un-deserved!

> ... how do you envision this BTC...

Bounty, as in compensation for a successful attack in the form of digital currency :P

no matter, i am compelled to delineate concerns and risks, as said above.

> And yes, it's totally legit to attack Enranda by executing a
> process on the same CPU, for example, in another terminal window on a
> single-CPU system. For that matter, what other attacks do you foresee?

i am glad the post-quantum hardness has constraints, regarding the rest, another tangent. as said above.

> I won't argue with your point about hardware TRNGs being superior to
> software ones. If you trust your chip vendor, then it all works just fine.

i trust them more if the design provides raw sample access and the observed entropy density, bias, failure modes, as observed over extended sanity and continuous run-checks on the sampled bit stream.

... CPU instructions

another tangent, which i've written about separately wrt RDRAND/RDSEED vs. XSTORE entropy sources.

best regards, and my apologies for first,

_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
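The "continuous run-checks on the sampled bit stream" the reply above asks for are what NIST SP 800-90B calls continuous health tests. The following is an added example, not code from this thread, from Enranda, or from any chip vendor: a Python implementation of the two tests that standard specifies, the Repetition Count Test (a stuck source) and the Adaptive Proportion Test (a source drifting toward one value), plus a plain bias estimate. Window size 1024, alpha = 2^-20 and an entropy claim of 1 bit per sample are the standard's defaults for a binary source; the three bit streams fed to it are constructed test vectors (a maximal-length LFSR standing in for a healthy source, an all-zero stream, and a 75%-ones stream), not captured hardware samples.

```python
"""Continuous health tests for a raw noise-source bit stream.

Added example, not code from the mailing-list thread or from Enranda.
Implements the Repetition Count Test (RCT) and Adaptive Proportion Test (APT)
of NIST SP 800-90B section 4.4 and runs them over constructed bit streams.
"""
import math


def rct_cutoff(h_min: float, alpha_exp: int = 20) -> int:
    """SP 800-90B 4.4.1: C = 1 + ceil(-log2(alpha) / H), with alpha = 2^-alpha_exp."""
    return 1 + math.ceil(alpha_exp / h_min)


def apt_cutoff(h_min: float, window: int = 1024, alpha_exp: int = 20) -> int:
    """SP 800-90B 4.4.2: C = 1 + CRITBINOM(W, 2^-H, 1 - alpha).

    CRITBINOM is the smallest k whose binomial CDF reaches 1 - alpha. Terms are
    evaluated in log space so that large windows do not overflow a float.
    """
    p = 2.0 ** (-h_min)                    # probability of the most likely sample
    target = 1.0 - 2.0 ** (-alpha_exp)
    log_p, log_q = math.log(p), math.log1p(-p)
    log_w_fact = math.lgamma(window + 1)
    cdf = 0.0
    for k in range(window + 1):
        log_term = (log_w_fact - math.lgamma(k + 1) - math.lgamma(window - k + 1)
                    + k * log_p + (window - k) * log_q)
        cdf += math.exp(log_term)
        if cdf >= target:
            return k + 1
    return window + 1


class HealthMonitor:
    """Runs RCT and APT on samples as they arrive, like an on-chip health block."""

    def __init__(self, h_min: float = 1.0, window: int = 1024, alpha_exp: int = 20):
        if h_min <= 0:
            raise ValueError("entropy claim per sample must be positive")
        self.window = window
        self.rct_c = rct_cutoff(h_min, alpha_exp)
        self.apt_c = apt_cutoff(h_min, window, alpha_exp)
        self._last = None        # RCT: value of the current run
        self._run = 0            # RCT: length of the current run
        self._apt_ref = None     # APT: first sample of the current window
        self._apt_hits = 0       # APT: later copies of that sample in the window
        self._apt_seen = 0       # APT: samples consumed in the current window
        self.failures = []       # (test name, sample index) pairs

    def feed(self, sample: int, index: int) -> None:
        # Repetition Count Test: a run reaching the cutoff means a stuck source.
        if sample == self._last:
            self._run += 1
            if self._run == self.rct_c:          # report once per offending run
                self.failures.append(("RCT", index))
        else:
            self._last, self._run = sample, 1
        # Adaptive Proportion Test: too many copies of the window's first sample.
        if self._apt_seen == 0:
            self._apt_ref, self._apt_hits = sample, 0
        elif sample == self._apt_ref:
            self._apt_hits += 1
        self._apt_seen += 1
        if self._apt_seen == self.window:
            if self._apt_hits + 1 >= self.apt_c:  # +1 counts the reference sample
                self.failures.append(("APT", index))
            self._apt_seen = 0


def run_health_tests(bits, h_min: float = 1.0) -> dict:
    """Feed a whole stream through a monitor and summarise what it caught."""
    mon = HealthMonitor(h_min)
    for i, b in enumerate(bits):
        mon.feed(b, i)
    return {
        "rct_cutoff": mon.rct_c,
        "apt_cutoff": mon.apt_c,
        "rct_failures": sum(1 for t, _ in mon.failures if t == "RCT"),
        "apt_failures": sum(1 for t, _ in mon.failures if t == "APT"),
        "ones_fraction": sum(bits) / len(bits) if bits else 0.0,
    }


def lfsr16_bits(n: int, seed: int = 0xACE1) -> list:
    """Constructed 'healthy' vector: maximal-length 16-bit Fibonacci LFSR
    (taps 16,14,13,11). Its runs never exceed 16, so it passes both tests;
    being a PRNG, it also shows that health tests do not measure entropy."""
    state, out = seed, []
    for _ in range(n):
        bit = ((state >> 0) ^ (state >> 2) ^ (state >> 3) ^ (state >> 5)) & 1
        state = (state >> 1) | (bit << 15)
        out.append(state & 1)
    return out


# Constructed failure modes: a source stuck at zero and a source biased to 75% ones.
STUCK_STREAM = [0] * 2048
BIASED_STREAM = [1, 1, 1, 0] * 512

if __name__ == "__main__":
    for name, stream in (("lfsr", lfsr16_bits(8192)),
                         ("stuck", STUCK_STREAM),
                         ("biased", BIASED_STREAM)):
        print(name, run_health_tests(stream))
```

The LFSR stream passes both tests while being entirely deterministic, which is the caveat behind the reply's wording: continuous tests catch gross failure modes (a stuck or heavily biased source), while the entropy density itself has to be established from raw-sample access and extended offline analysis.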
