[Cryptography] The world's most secure TRNG
Bill Frantz
frantz at pwpconsult.com
Tue Sep 30 17:05:38 EDT 2014
On 9/30/14 at 12:28 AM, pg at futureware.at (Philipp Gühring) wrote:
>>However, because most devs won't understand the above argument, if you
>>actually supply an unwhitened RNG then geeks will look at it and decide
>>that because they see certain biases in it then it must be broken! And
>>broken they will call it. And broken will be your sales.
>
>Yes!
>
>>So from a marketing point of view you should put a whitener on the
>>part.
>
>Yes!
>
>But when you do that, (like Intel did with their RdRand), people will
>accuse you of providing malicious randomness that they can't audit
>anymore, since you whitened it.
>
>Has anyone found a solution to that paradox yet?
Educate the devs. Include in the instructions for each device
the following:
"This device, like all hardware random number sources, does not
produce completely random bits. If completely random bits are
needed a "whitening" operation will be needed. (references). If
it is being used to seed a pseudo random number generator, use
XX% more bits than you would use from a perfect source.
"This device does not whiten its output in order to allow users
to more easily test the quality of the random bits it produces."
Cheers - Bill
-----------------------------------------------------------------------
Bill Frantz | Since the IBM Selectric, keyboards have gotten
408-356-8506 | steadily worse. Now we have touchscreen keyboards.
www.pwpconsult.com | Can we make something even worse?
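An added illustration of the two points in the exchange above (bias is visible in unwhitened output and hidden after whitening; "XX% more bits" can be derived from a measured entropy estimate). This is example code written for this page, not code from the thread, from Intel, or from any product; the biased source, the chunked SHA-256 "whitener", and all function names are constructed for the demonstration.

```python
import hashlib
import math
import random
from collections import Counter

def min_entropy_per_byte(raw: bytes) -> float:
    # Most-common-value point estimate: -log2 of the highest byte frequency.
    # Deliberately conservative; a real assessment (e.g. SP 800-90B) runs more tests.
    p_max = max(Counter(raw).values()) / len(raw)
    return -math.log2(p_max)

def fraction_of_ones(data: bytes) -> float:
    # Crude bias check: share of 1 bits in the sample.
    ones = sum(bin(b).count("1") for b in data)
    return ones / (8 * len(data))

def raw_bytes_needed(seed_bits: int, h_per_byte: float) -> int:
    # Bytes to harvest so the pool carries at least seed_bits of min-entropy.
    return math.ceil(seed_bits / h_per_byte)

def oversampling_percent(h_per_byte: float) -> float:
    # The "XX% more bits than from a perfect source" figure for the device leaflet.
    return (8.0 / h_per_byte - 1.0) * 100.0

def whiten(raw: bytes, chunk: int = 64) -> bytes:
    # Toy conditioner: SHA-256 each 64-byte chunk down to 32 bytes. The output
    # looks unbiased whatever the input quality, which is exactly why it hides faults.
    return b"".join(hashlib.sha256(raw[i:i + chunk]).digest()
                    for i in range(0, len(raw) - chunk + 1, chunk))

def biased_trng(n_bytes: int, rng: random.Random, p_one: float = 0.6) -> bytes:
    # Constructed stand-in for an unwhitened hardware source with a 60/40 bit bias.
    out = bytearray()
    for _ in range(n_bytes):
        b = 0
        for _ in range(8):
            b = (b << 1) | int(rng.random() < p_one)
        out.append(b)
    return bytes(out)

def audit(seed_bits: int = 256, n_bytes: int = 50_000, seed: int = 1234) -> dict:
    # Run the raw-vs-whitened comparison and size the seed pool from the estimate.
    raw = biased_trng(n_bytes, random.Random(seed))
    h = min_entropy_per_byte(raw)
    return {
        "raw_ones": fraction_of_ones(raw),                # ~0.6: bias is auditable
        "whitened_ones": fraction_of_ones(whiten(raw)),   # ~0.5: bias is hidden
        "min_entropy_per_byte": h,
        "oversample_pct": oversampling_percent(h),
        "raw_bytes_for_seed": raw_bytes_needed(seed_bits, h),
    }
```

Calling `audit()` shows the raw stream failing the bias check while the whitened stream passes it, and reports how many raw bytes the estimate says are needed for a 256-bit seed.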