[Cryptography] High volume thermal entropy from an iPhone
Matt Palmer
matt at hezmatt.org
Wed Dec 13 23:58:05 EST 2017
On Thu, Dec 14, 2017 at 01:54:08PM +1100, Dave Horsfall wrote:
> On Wed, 13 Dec 2017, Alexandre Anzala-Yamajako wrote:
> > The example is old but I could give you the output of an AES in counter
> > mode with a null key and a null iv and no standard statistical test woud
> > ever show you any defects while you have absolutely no entropy.
>
> I'm still learning here, but is that a weakness of crypto in general i.e.
> always avoid null keys and IVs, or AES in particular?
I think if you replace "null" with "known" it's still the same issue: the
bitstream is predictable, which is a Bad Thing, even though it *looks*,
from the outside, like a stream of high quality random bits.
- Matt
More information about the cryptography
mailing list