Eugen Leitl wrote: > > ... framegrabber with a 640x480 24 bit/pixel camera. It doesn't > compress, is rather noisy, and since self-adjusting I get the maximum > entropy at maximum darkness.
OK. Evidently it's dominated by thermal noise, not to be confused with the Poisson noise recently featured in another thread. Not a problem. > Is there any point in compressing the video before running it through a > cryptohash? There might be a minor point, namely computational efficiency. A well-chosen compressor might eliminate low-entropy bytes rather quickly. Make sure it's a lossless compressor, perhaps GIF or PNG ... as opposed to a perceptual coder (e.g. JPEG) that would persumably throw away some of the entropy. Calling SHA-1 on low-entropy bytes doesn't waste entropy, but wastes CPU cycles. > How does e.g. SHA-1 fare with very sparse bitvectors? 1) In any good hash function, any input bit should have about as much effect on the output as any other input bit. SHA-1 has been analyzed by experts (of which I am not one :-) and I would imagine they checked this. 2) There are 5 one-bit shifts in the fivefold expansion, and lots of 5-bit shifts in the main loop, so it shouldn't matter that the sparse input bits are clustered in the bottom of the 32-bit words. 3) I performed an amateur kick-the-tires test, namely cobbling up some sparse input vectors, calling SHA-1, and applying "standard" statistical tests including Diehard and Maurer's "universal" statistical test. No nobody's surprise, the tests didn't detect anything. Arnold Reinhold wrote: > > ... with a portable TV set and a video digitizer > should be a good source of high bandwidth noise. In both cases you > are just using the receivers as high gain amplifiers of the thermal > noise at the antenna terminals. Thermal noise is good. Antennas are bad -- just an invitation to be attacked that way. Get rid of the antenna. Keep the high gain preamp. Better yet, do as Eugen has done: Use a framegrabber !!without!! the "portable TV set". No RF section at all. Plenty of entropy, lower cost, greater simplicity, and less vulnerability to attack. For that matter, an audio card (without microphone) produces more than enough entropy for most applications. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
