I think everyone has questioned the quality of Jitterentropy (for safety's sake) so I ported over the TestU01 suite, which from what I've read is notable for giving failing scores to most of the popular RNGs. Jitterentropy passes the shortest two of the four test batteries, but is two slow to practically test against the larger two tests.
Speed aside, I think it is looking like a good entropy source, but then again I wouldn't be shocked if OpenSSL runs a crappy amplifier over top of /dev/random. I have the tests in my external repo: https://github.com/ehmry/genode-emery https://github.com/ehmry/genode-emery/commit/769d1fa7fe0185b57675527f966e7b7f1c3f4f30 https://github.com/ehmry/genode-emery/commit/cd48931ee05b228bbd47269b338fb1bcdfc6d0ff Test output http://ipfs.io/ipfs/QmePQrzxbDeXbjzq654hURU642QzJc3Eujh46gHvpUkBvL jitterentropy_alphabet.log http://ipfs.io/ipfs/QmZrRdnBbSByJxLxy4m2ihktKwebp5NhG9ZoSPYhwWZg4D jitterentropy_rabbit.log TestU01 documentation http://simul.iro.umontreal.ca/testu01/tu01.html Cheers, Emery On Fri, Dec 11, 2015 at 11:59:27AM +0900, Jaemin Park wrote: > I'll also consider your comments on "random", but currently I'm > implementing the test program only. (It's fine till now.) > > On Wed, Dec 9, 2015 at 8:05 PM, Josef Söntgen < > > > > Note that there is currently no random source besides an older version > > of the jitterentropy RNG [2] available on Genode. So, for all use cases > > that go beyond mere experimentation, the generated keys should be > > considered as insecure if you only use this as source. > >
signature.asc
Description: Digital signature
------------------------------------------------------------------------------
_______________________________________________ genode-main mailing list genode-main@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/genode-main
