[Cryptography] cheap sources of entropy
John Denker
jsd at av8n.com
Wed Jan 29 17:34:42 EST 2014
On 2014-01-29 04:31, Arnold Reinhold wrote:

> ...... SHA2 vs SHA3, AES vs
> Salsa20 and RSA vs ECC are the bike shed/refreshment committee. RNG is
> the $10 billion nuclear reactor waiting to blow up. At the present time
> there is no practical attack on the standard crypto algorithms, but RNG
> is a single point of failure that has shattered crypto security in
> practice many times

Yes sir.

On 01/29/2014 02:24 PM, James A. Donald wrote:

> If it is a digital thermostat, has an A to D converter. If an A to D
> converter, probably has thermal noise.

That's what we call wishful thinking. It is *not* a good
practice.

On 01/28/2014 03:17 PM, James A. Donald wrote:

> Use many, many different entropy sources, even ones that are known to
> suck.

Anybody who believes that argument must think quadruple-rot13 is
a good cipher.

My point is: Combining a bunch of sucky crypto primitives is *not*
a good practice.

One well-calibrated well-defended well-monitored entropy source
makes incomparably more sense than an arbitrarily complicated
conglomeration of sucky sources.

To those who say calibration is hard: Yeah, a lot of things in
cryptography are hard. We're supposed to be grown-ups here. We
don't just give up when we see something that requires a bit of
work.

If you want us to use the thermostat A/D that's fine ... provided
you tell us how to calibrate it.

To those who say different platforms will have different entropy
sources: Yeah, they also have different graphics hardware,
different networking hardware, different disk hardware, et cetera.
We deal with that by loading the appropriate drivers.