[Cryptography] A TRNG review per day (week?): ATSHA204A has low entropy

Bill Cox waywardgeek at gmail.com
Fri Dec 5 07:00:25 EST 2014

If I made no mistake (and I do make a lot), the "random" data from the
Atmel ATSHA204A is highly predictable when you disable the seed update to
EEPROM.  Until we understand the this predictability in their output data,
I believe any "random" data from this part should not be used for crypto.

I generated 32 bytes of "random" data repeatedly with the Hashlet, after
disabling update_seed (I set the default to false in cli_commands.c).  I
ran 1MiB of this generated data through a little bit predictor I wrote, and
verified that each output bit has less than 0.5 bits of entropy.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20141205/b2e5be28/attachment.html>

More information about the cryptography mailing list