[Cryptography] A TRNG review per day (week?): ATSHA204A has low entropy

R P Herrold herrold at owlriver.com
Thu Dec 11 17:21:55 EST 2014

On Tue, 9 Dec 2014, Bill Cox wrote:

> I just did another simple test.  After cold-booting my Raspberry Pi, I
> called "./haslet random" and recorded the 32-byte result.  I had the
> update-seed parameter turned off

Using an un-seeded RNG with the hashlet code requires patching 
out the protections which the code offers.  This seems a lot 
like complaining that it hurts when you stick a fork in your 

You were running something based on another's code, but 
after removing the in-built  guarding.  It is NOT:
	./hashlet random

How is this a fair test?

-- Russ herrold

More information about the cryptography mailing list