[Cryptography] A TRNG review per day (week?): ATSHA204A has low entropy

Bill Cox waywardgeek at gmail.com
Fri Dec 5 07:00:25 EST 2014


If I made no mistake (and I do make a lot), the "random" data from the
Atmel ATSHA204A is highly predictable when you disable the seed update to
EEPROM.  Until we understand this predictability in their output data,
I believe any "random" data from this part should not be used for crypto.

I generated 32 bytes of "random" data repeatedly with the Hashlet, after
disabling update_seed (I set the default to false in cli_commands.c).  I
ran 1MiB of this generated data through a little bit predictor I wrote, and
verified that each output bit has less than 0.5 bits of entropy.

Bill
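
A minimal adaptive bit predictor of the kind the message describes, as an added example; it is not Bill Cox's predictor and not code from the original post. The two input streams are constructed with a seeded PRNG and do not model the ATSHA204A's actual output; the function names and the 8-bit context size are assumptions.

```python
import math
import random

def bits_of(data):
    """Yield the bits of a byte string, most significant bit first."""
    for byte in data:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1

def entropy_per_bit(data, context_bits=8):
    """Average surprise, -log2 P(actual bit), of an adaptive predictor that
    guesses each bit from the previous context_bits bits. This is an upper
    bound on entropy per bit: a low value proves predictability, while a
    value near 1.0 only means this particular predictor found nothing."""
    mask = (1 << context_bits) - 1
    counts = [[0, 0] for _ in range(1 << context_bits)]  # [zeros, ones] per context
    context, surprise, total = 0, 0.0, 0
    for bit in bits_of(data):
        seen = counts[context]
        # Krichevsky-Trofimov estimate of P(bit | context), made before the update.
        p = (seen[bit] + 0.5) / (seen[0] + seen[1] + 1.0)
        surprise -= math.log2(p)
        seen[bit] += 1
        context = ((context << 1) | bit) & mask
        total += 1
    return surprise / total

def constructed_uniform(n_bytes, seed=1):
    """Constructed sample: seeded Mersenne Twister bytes (not a TRNG)."""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(n_bytes))

def constructed_sticky(n_bytes, flip_probability=0.05, seed=2):
    """Constructed sample: each bit repeats the previous one unless a flip
    occurs, so the true entropy is about 0.29 bits per bit."""
    rng = random.Random(seed)
    out, bit = bytearray(), 0
    for _ in range(n_bytes):
        byte = 0
        for _ in range(8):
            if rng.random() < flip_probability:
                bit ^= 1
            byte = (byte << 1) | bit
        out.append(byte)
    return bytes(out)

if __name__ == "__main__":
    for name, make in (("uniform", constructed_uniform), ("sticky", constructed_sticky)):
        print(f"{name}: {entropy_per_bit(make(32768)):.3f} bits of entropy per bit")
```

The seeded Mersenne Twister stream scores near 1.0 even though it is fully deterministic, which is why a predictor result can condemn a generator but never certify one.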