"you are patient and friendly in response to me, a jerk flinging opinions!"

No worries, coderman. No one ever got into cryptography to bask in the charm of one's peers. Besides, I'm willing to put up with a lot in order to get constructive criticism. (So relax, Stuart Christmas...) So yeah, when you get time, your concerns are of interest to me and so-many lurkers here.

"Bounty, as in compensation for a successful attack in the form of digital currency :P"

Cool! Anyone have suggestions for (1) defining a successful attack and (2) how much $ we should post for it? (Obviously, "I broke Enranda by exploiting a kernel vuln" doesn't count.)

"i am glad the post-quantum hardness has constraints, regarding the rest, another tangent."

Yeah, I should have explained "postquantum" better. It had nothing to do with X86 hardware (or even the marketing department). It was a reference to the complexity of modeling the timedelta stream sufficiently well to predict anything useful post-trapdoor, even if you have the powers of Grover search. (This goes into permutative trapdoors and order-sensitivity, etc.)

"i trust them more if the design provides raw sample access and the observed entropy density, bias, failure modes, as observed over extended sanity and continuous run-checks on the sampled bit stream."

That makes good practical sense. Again, I have nothing against DIYing one's own hardware TRNG. I believe there's one on Kickstarter for those who want to investigate.

On Tue, May 26, 2015 at 10:05 PM, coderman <[email protected]> wrote:
> On 5/26/15, Russell Leidich <[email protected]> wrote:
> > ...
> > I would welcome your longer reply,
>
> you are patient and friendly in response to me,
> a jerk flinging opinions!
>
> i will send a longer response about my specific concerns for these
> types of entropy gathering when time permits - thank you for courtesy
> un-deserved!
>
>
> > ... how do you envision this BTC...
> > Bounty, as in compensation for a successful attack in the form of
> > digital currency :P
>
> no matter, i am compelled to delineate concerns and risks, as said above.
>
>
> > And yes, it's totally legit to attack Enranda by executing a
> > process on the same CPU, for example, in another terminal window on a
> > single-CPU system. For that matter, what other attacks do you foresee?
>
> i am glad the post-quantum hardness has constraints, regarding the rest,
> another tangent.
> as said above.
>
>
> > I won't argue with your point about hardware TRNGs being superior to
> > software ones. If you trust your chip vendor, then it all works just
> > fine.
>
> i trust them more if the design provides raw sample access and the
> observed entropy density, bias, failure modes, as observed over
> extended sanity and continuous run-checks on the sampled bit stream.
>
> ... CPU instructions another tangent, which i've written about
> separately wrt RDRAND/RDSEED vs. XSTORE entropy sources.
>
>
> best regards, and my apologies for first,
>
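As an added example (not code from this thread, from Enranda, or from coderman), here is what "continuous run-checks on the sampled bit stream" with a running bias figure can look like: the NIST SP 800-90B repetition-count and adaptive-proportion health tests run over raw 8-bit samples. The claimed min-entropy, the alarm rate and the window size are assumed values, and the "healthy" input is a seeded PRNG standing in for a real source.

```python
import math
import random
# Added example; constructed assumptions (not Enranda's parameters):
H_CLAIM, ALPHA_LOG2, APT_WINDOW = 1.0, 20, 512   # min-entropy bits/sample, alarm rate 2^-20, APT window

def rct_cutoff(h=H_CLAIM, a=ALPHA_LOG2):
    # Repetition Count Test cutoff (SP 800-90B 4.4.1): 1 + ceil(-log2(alpha) / H)
    return 1 + math.ceil(a / h)

def apt_cutoff(h=H_CLAIM, w=APT_WINDOW, a=ALPHA_LOG2):
    # Adaptive Proportion Test cutoff (4.4.2): smallest C with P[Binom(w, 2^-H) >= C] <= alpha
    p, tail, c = 2.0 ** -h, 0.0, w
    while tail <= 2.0 ** -a:                      # walk the upper tail down until it exceeds alpha
        tail += math.comb(w, c) * p ** c * (1 - p) ** (w - c)
        c -= 1
    return c + 2

class HealthMonitor:  # continuous RCT + APT over raw 8-bit samples, plus a one-bit fraction (bias)
    def __init__(self):
        self.rct_c, self.apt_c = rct_cutoff(), apt_cutoff()
        self.last, self.run = None, 0                 # RCT: current value, run length
        self.first, self.n, self.hits = None, 0, 0    # APT: window's first value, position, hits
        self.ones = self.bits = 0                     # bias estimate

    def feed(self, s):
        # Consume one sample; return the alarms it triggers (usually none)
        alarms = []
        self.ones, self.bits = self.ones + bin(s).count("1"), self.bits + 8
        self.last, self.run = s, self.run + 1 if s == self.last else 1
        if self.run >= self.rct_c:
            alarms.append(("RCT", self.run))          # source stuck on one value
        if self.n == 0:
            self.first, self.hits = s, 1
        elif s == self.first:
            self.hits += 1
        self.n = (self.n + 1) % APT_WINDOW
        if self.hits >= self.apt_c:
            alarms.append(("APT", self.hits))         # one value dominates the window
        return alarms

def scan(samples):
    # Run the monitor over a whole stream; return (one-bit fraction, [(index, alarm), ...])
    mon = HealthMonitor()
    events = [(i, a) for i, s in enumerate(samples) for a in mon.feed(s)]
    return mon.ones / mon.bits, events

def healthy_samples(n=4096, seed=2015):
    # Constructed stand-in for healthy raw samples: a seeded PRNG, NOT an entropy source
    rng = random.Random(seed)
    return [rng.randrange(256) for _ in range(n)]
```

Feeding `healthy_samples() + [0x00] * 64` to `scan` shows the RCT alarm firing once the stuck run reaches the cutoff, while the healthy prefix alone produces no alarms and a one-bit fraction near 0.5.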
_______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
