[Cryptography] Dieharder & /dev/urandom

Natanael natanael.l at gmail.com
Tue May 14 12:51:38 EDT 2019


On Tue, 14 May 2019 at 18:37, Michel Arboi <michel.arboi at gmail.com> wrote:

> /dev/urandom is supposed to be as solid as /dev/random, except acute
> paranoia: https://www.2uo.de/myths-about-urandom/
>
> [...]
> Once this bug is fixed, or by using a file filled with binary data
> (dieharder -g 201 ...) I still find weaknesses with urandom
> 1. I get at least one WEAK result nearly every time I run "dieharder -a
> -g 501"
> 2. These weaknesses do not appear with /dev/random
> 3. The tests which failed are not always the same.
>

I have to admit I don't know exactly how the dieharder tests are implemented,
but I'd like to point one thing out:

All these tests are heuristic by design. Randomness does not lie in
numbers, it lies in the sources. And heuristic tests for randomness need
to rely on randomness themselves. That means sometimes when it runs a
statistical test with random numbers it will then claim they aren't random,
as well as claiming the predictable numbers are random, because it just
tries to guess how *probable* it is that a random source would come up with
the series of numbers that you gave to it.

So passing or failing some tests is not the interesting question - it is
*how many* tests you pass or fail and of what kind.
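
The false-alarm behaviour described above can be measured directly. The following Python sketch is an added example, not part of the original message and not dieharder's code: it runs one simple test (the monobit frequency test) many times against os.urandom and against a constructed biased source, then computes the chance of at least one flag across a battery. The 1% threshold, the 100-test battery size and the `biased` source are assumptions chosen for illustration.

```python
import math
import os

def monobit_pvalue(data: bytes) -> float:
    """Two-sided p-value of the frequency (monobit) test on `data`."""
    n = 8 * len(data)
    ones = bin(int.from_bytes(data, "big")).count("1")
    s = 2 * ones - n                      # (#ones - #zeros)
    return math.erfc(abs(s) / math.sqrt(2 * n))

def flag_rate(source, trials=2000, nbytes=1024, alpha=0.01):
    """Fraction of independent samples that the test flags (p < alpha)."""
    flagged = sum(monobit_pvalue(source(nbytes)) < alpha for _ in range(trials))
    return flagged / trials

def p_any_flag(per_test_rate, n_tests):
    """Chance that at least one of n independent tests flags the source."""
    return 1.0 - (1.0 - per_test_rate) ** n_tests

def biased(nbytes):
    # Constructed bad source (assumption): low bit of every byte forced to 1.
    return bytes(b | 1 for b in os.urandom(nbytes))

if __name__ == "__main__":
    good = flag_rate(os.urandom)   # a sound source is still flagged ~alpha of the time
    bad = flag_rate(biased)        # a broken source is flagged almost every time
    print(f"os.urandom flagged in {good:.1%} of runs (alpha = 1%)")
    print(f"biased source flagged in {bad:.1%} of runs")
    # Assumed battery: 100 independent tests, each with a 1% false-alarm rate.
    print(f"P(>=1 flag in 100 tests) = {p_any_flag(0.01, 100):.2f}")
```

A sound source is flagged at roughly the threshold rate on any single test, so one flag somewhere in a large battery is the expected outcome; the biased source is flagged on essentially every run of the same test.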
