[Cryptography] cheap sources of entropy
Jon Callas
jon at callas.org
Mon Jan 27 16:14:00 EST 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Jan 19, 2014, at 5:04 PM, Christian Huitema <huitema at huitema.net> wrote:
> The key here is to trust that the camera is not somehow subverted and does
> not feed a "pseudo random" set of bits, just like any hardware that has been
> modified. But then, if the camera truly delivers the pixels that it sees, I
> wonder why I would rely specifically on pointing at a grey card. Simply
> pointing at a landscape or an interior scene will probably provide just as
> much entropy. Minute differences in the location and orientation of the
> camera will cause pixels to shift. In a handheld device like a cell phone,
> we can ask the user to take a series of pictures while randomly moving the
> phone. Hashing the images will certainly deliver some pretty good input to
> the entropy bucket.
Sure, whatever.
Let me get down to brass tacks. Apologies for the minor handwave to make my point:
Assume a frame F_i taken from the camera. If the attacker cannot guess the *exact* contents of that frame, even with filters, in-camera JPEG, etc. with an advantage over guessing flips of a fair coin, then it's got one bit of entropy.
So take 512 frames and hash them. Poof you're done.
Extrapolate from there to the case of a frame having N bits of entropy.
Jon
-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 3.2.0 (Build 1672)
Charset: us-ascii
wj8DBQFS5swfsTedWZOD3gYRAhjbAKDhp4bkSnYOz3aJQdPW85ERRSqtTACfVhE7
hyMrC24ttWbF8KUGeF7yI9U=
=suqA
-----END PGP SIGNATURE-----
More information about the cryptography
mailing list