On Sat, Dec 25, 2010 at 2:43 PM, Dan Kaminsky <[email protected]> wrote: > ... > Making noisy diodes isn't all that hard, AFAIK. You eliminate bias by only > returning difference bits -- 01 is a 0, 10 is a 0. Whether the underlying > silicon is in fact doing that...well, that's a question for the chip > reversers.
noisy diodes, free spinning oscillators, ring oscillators, sub samplings of above in complex structures, lots of options without lava lamp or spinning platter craziness. [0] as for eliminating bias, the von Neumann whitener as you describe works well, but has unpredictable throughput. (that is, one word/buffer may take longer to fill than the next depending on generated bits, and at best you've got a significant reduction in throughput.) this is one reason it is preferable to read raw biased entropy at maximum rate from the hardware source into an entropy daemon which then validates hardware output before whitening, compressing, and/or digesting read bits. best regards, happy holidays, done beating this dead horse for now... ;) 0. there's a nice survey/list in chapter 4 of Cryptographic Engineering. http://books.google.com/books?isbn=0387718168 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
