[Cryptography] Another crypto paper in the wrong place
dj at deadhat.com
dj at deadhat.com
Mon May 19 09:48:39 EDT 2014
This paper by a group of physicists:
http://arxiv.org/abs/1405.0435
Claims that they have a perfect QRNG made out of a phone camera
essentially "because it's quantum".
The physics may be ok (I don't know enough to be able to tell) but they
make some flat out wrong cryptographic claims.
The claim a single input 4:1 ratio extractor can turn their imperfect
output into perfect entropy.
They claim there's a different between quantum noise and electrical noise,
but they describe the measured values as the mean of quantum events, which
is exactly what electrical noise is.
Instead of running a min-entropy estimate algorithm over their data, they
run it through PRNG tests from Dieharder and claim it "passed all tests",
but full entropy bits passed through dieharder will hit a marginal result
on some of the tests most of the time and since they don't describe the
extractor algorithm we have no way of knowing. If they ran it through a
hash, it's going to pass dieharder regardless of the entropy.
They tested 625MBytes of raw data compressed to 156 MBytes. When I have
'close to perfect' raw data, I typically need 100GBytes or so to get a
reasonable error margin on my min-entropy estimates.
I'm doubt physics reviewers are going to be able to judge these
cryptographic claims.
David Johnston
More information about the cryptography
mailing list