[Cryptography] Whitening Algorithm

Bill Cox waywardgeek at gmail.com
Fri Jul 24 14:23:24 EDT 2015

On Fri, Jul 24, 2015 at 6:22 AM, Albert Lunde <atlunde at panix.com> wrote:

> On 7/22/2015 9:50 PM, Rob Seward wrote:
>> Hi,
>> I’m trying to whiten a random noise source (a reverse biased transistor)
>> with a low-powered microprocessor.
> The Turbid paper has a section:  "'Whitening' Considered Unhelpful":
> http://www.av8n.com/turbid/paper/turbid.htm#sec-whitening

I consider this paper some of the best work in TRNGs ever.  This paper has
had a more important impact than tthe Turbid code, IMO.  However, this
particular section just quibbles about semantics of the words "hash
function" and "whitener".   Turbid uses a "hash function" on the output,
and stubbornly refuses to call this a whitener.

In reality, that hash function is what the rest of the world calls a
whitener.  However, I agree that two hash functions in a row - what the
paper calls a hash function and a whitener - is a poor idea.  There is also
very loose use of the word "entropy", here and elsewhere.  Personally, I
gave up on trying to correct the rest of the world, and just use the term
as others do, unless we're in a conversation where the specifics matter.
For example, in the discussion above, "entropy" is meant as an average
expected level of surprise in some cases, and the actual measured surprise
for a given string in others.  One use is a property of the TRNG, and the
other is a property of a specific output string.  In general, unless it
makes a difference in the results, I gloss over distinctions like
"whitener" vs "hash function".

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150724/b8c093b5/attachment.html>

More information about the cryptography mailing list