[Cryptography] TRNG review: Arduino based TRNGs
Ron Garret
ron at flownet.com
Fri Jan 15 12:05:56 EST 2016
On Jan 14, 2016, at 9:41 PM, Bill Cox <waywardgeek at gmail.com> wrote:
> On Thu, Jan 14, 2016 at 2:36 PM, Ron Garret <ron at flownet.com> wrote:
>
> On Jan 13, 2016, at 5:08 PM, Jonathan Thornburg
> IMHO the right approach is to not worry about the quality of your noise source and just use a whitener with a large margin of safety. Feed 1000 raw 10-bit ADC readings into SHA512 and you’re almost certainly secure against any attack. If you want to be super duper paranoid, run some basic sanity checks on the raw input, like make sure that the standard deviation of your samples is >>0.
>
> I think you would usually be right. An exception might be the guy who is running in something close to a Faraday cage off a battery and good bypass caps, with little non-thermal noise feeding the ADC.
Even in that case why not give yourself a comfortable safety margin? Are there really applications that require you to squeeze every last bit of entropy out of a noise source?
rg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160115/8776c3a3/attachment.html>
More information about the cryptography
mailing list