[Cryptography] High volume thermal entropy from an iPhone

[Alexandre Anzala-Yamajako]

IMO a statistical approach based on taking a bunch of data a saying
essentially "I don t see any signs that it s not random" is not a good
approach for entropy seeding.
The example is old but I could give you the output of an AES in counter
mode with a null key and a null iv and no standard statistical test woud
ever show you any defects while you have absolutely no entropy.
You case is particularely worrisome for several reasons
1) you use a von neuman like extractor but you have also shown that your
data is not only biased but also correlated
2) you don t seem have a model of your hardware source from which you could
derive the output distribution
3) you do some wizardry to remove some correlation but nowhere show or
prove that there isn t more corrolation to be taken care of or how
4) I didn t see in your document a justification of the fact that the
manufacturer of the camera (soft and hardware) doesn t have more
information than you and could therefore target defects in your entropy
management procedure.

You should have a look at the work of Viktor Fischer, David Lubicz, Florent
Bernard and patrick Haddad.
They invested quite a bit of effort to give entropy guarantees when using
very specific hardware device.

Best regards
-- 
Alexandre Anzala-Yamajako
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20171213/c3350e0e/attachment.html>