[Cryptography] cheap sources of entropy

Ben Laurie ben at links.org
Tue Jan 28 19:40:16 EST 2014


On 28 January 2014 22:41, Krisztián Pintér <pinterkr at gmail.com> wrote:
>
> James A. Donald (at Tuesday, January 28, 2014, 11:17:29 PM):
>>  From time to time, stir more randomness into the pseudo random number
>> generator *in* *greater* *than* *128* *bit* *chunks*, not in smaller
>> amounts.
>
> that might prove itself harder than it seems, if we don't have a good
> estimate on the entropy. there is a solution though. fortuna rng does
> it in a very clever way, it runs 32 parallel entropy collectors. it
> uses the first of them for every reseeding. it uses the second one for
> every second reseeding. it uses the third for every fourth
> reseeding, and so on. even if we have no clue about the entropy
> production, it will eventually recover from a compromised state.

Unfortunately, though, in low entropy systems it takes a _really_ long
time to reach an uncompromised state in the first place.
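
Editor's added example, not part of the original thread or of any Fortuna implementation: a small Python model of the pool schedule described in the quoted text, counting how many reseeds pass before a single reseed injects at least 128 bits that an attacker who knew the initial state could not guess. The function names, the fixed number of events per reseed and the constant per-event entropy are assumptions of the model.

```python
# Added illustration; the model and all parameter names are assumptions.
NUM_POOLS = 32      # parallel entropy collectors, as in the quoted description
TARGET_BITS = 128   # chunk size from the quoted advice


def pools_for_reseed(r):
    """Pool i takes part in reseed number r (counting from 1) iff 2**i divides r."""
    return [i for i in range(NUM_POOLS) if r % (1 << i) == 0]


def reseeds_until_recovery(bits_per_event, events_per_reseed, max_reseeds=1 << 20):
    """Return (reseed_number, events_seen) for the first reseed that injects
    at least TARGET_BITS of entropy, or None if max_reseeds is reached first.

    Model: the attacker knows the whole generator state at time zero and can
    guess through any reseed that injects fewer than TARGET_BITS.
    """
    pools = [0.0] * NUM_POOLS          # true entropy held by each pool, in bits
    events = 0
    for r in range(1, max_reseeds + 1):
        for _ in range(events_per_reseed):
            pools[events % NUM_POOLS] += bits_per_event   # round-robin feed
            events += 1
        used = pools_for_reseed(r)
        injected = sum(pools[i] for i in used)
        for i in used:                 # pools used in a reseed are emptied
            pools[i] = 0.0
        if injected >= TARGET_BITS:
            return r, events
    return None


if __name__ == "__main__":
    # Constructed entropy rates, from a healthy source down to a starved one.
    for bits in (8.0, 1.0, 0.1, 0.01):
        print(bits, reseeds_until_recovery(bits, events_per_reseed=32))
```

In this model the reseed count to recovery grows roughly in inverse proportion to the per-event entropy, which is the slow recovery the reply refers to.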

