EDP (entropy distribution protocol), userland PRNG design
Bill Stewart
bill.stewart at pobox.com
Sun Feb 5 02:04:41 EST 2006
At 01:01 AM 2/4/2006, Travis H. wrote:
>Assume further that it is not cost-effective to furnish each with a
>HWRNG, even one as inexpensive as a sound card (for example, they may
>not have a spare slot on the motherboard nor built-in sound).
>...
>Suppose that /dev/random is too slow (SHA-1 was never meant to
>generate a lot of output) because one of these machines wishes to
>generate a large file for use as a one-time pad*.
One-time pads are expensive protocols to use properly -
the operational costs of generating easily-disposable media,
putting couriers with briefcases handcuffed to their arms onto airplanes,
shredder costs when trashing the CD/DVD/etc., /dev/thermite for the PCs,
and all the other things that you need to do for a real OTP threat model
add up to real money after a while.
If you can afford that, you can afford to spend $100 for an
external sound card or USB hardware random generator dongle or whatever
or a PC case with more slots in it.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list