[Cryptography] Whitening Algorithm
Bill Cox
waywardgeek at gmail.com
Fri Jul 24 14:23:24 EDT 2015
On Fri, Jul 24, 2015 at 6:22 AM, Albert Lunde <atlunde at panix.com> wrote:
> On 7/22/2015 9:50 PM, Rob Seward wrote:
>
>> Hi,
>> I’m trying to whiten a random noise source (a reverse biased transistor)
>> with a low-powered microprocessor.
>>
>
> The Turbid paper has a section: "'Whitening' Considered Unhelpful":
>
> http://www.av8n.com/turbid/paper/turbid.htm#sec-whitening
I consider this paper some of the best work in TRNGs ever. This paper has
had a more important impact than tthe Turbid code, IMO. However, this
particular section just quibbles about semantics of the words "hash
function" and "whitener". Turbid uses a "hash function" on the output,
and stubbornly refuses to call this a whitener.
In reality, that hash function is what the rest of the world calls a
whitener. However, I agree that two hash functions in a row - what the
paper calls a hash function and a whitener - is a poor idea. There is also
very loose use of the word "entropy", here and elsewhere. Personally, I
gave up on trying to correct the rest of the world, and just use the term
as others do, unless we're in a conversation where the specifics matter.
For example, in the discussion above, "entropy" is meant as an average
expected level of surprise in some cases, and the actual measured surprise
for a given string in others. One use is a property of the TRNG, and the
other is a property of a specific output string. In general, unless it
makes a difference in the results, I gloss over distinctions like
"whitener" vs "hash function".
Bill
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150724/b8c093b5/attachment.html>
More information about the cryptography
mailing list