[Cryptography] High volume thermal entropy from an iPhone

Alexandre Anzala-Yamajako anzalaya at gmail.com
Sat Dec 16 02:38:44 EST 2017


> That sameness may reduce the key space from more than the number of atoms
> in the universe to less than the number of atoms in your pocket change.
> In my opinion individuals using a non-standard source of random that is
> decent and not disclosed to the attacker is better than many of the
> standard sources that may or may not be gamed.
>
> Key management and generation are cornerstones and random is part of this.
>
> I am a fan of multiple sources.
> I do not fully trust the random bits in modern processors and operating
> systems. The source "might" be a register under control of Minix in
> Intel's Management Engine (ME) tech. Or it could be marvelous hardware...
>     https://en.wikipedia.org/wiki/RdRand
> or the deterministic random-bit generator called CTR_DRBG inside could be
> too deterministic.
>
> This is an interesting way to use common hardware.
>


I can sort of get behind this if you *add* the sources of entropy instead
of *replacing* them. The one nice thing about entropy is that it sums
easily, and you need to spectacularly mess up to have a bad source
actually hurt you.
If you have n adversaries that fully control a source of entropy but you
have n+1 sources, XORing those sources together to seed a DRBG is safe and
doesn't require you to distinguish between the "good" and "bad" ones.


Alexandre
-- 
Alexandre Anzala-Yamajako
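
The XOR combination described in the message above, as an added example that is not part of the original post: it XORs equal-length samples into one seed and checks exhaustively, over 8-bit values, that one uniform source keeps the output uniform whatever fixed bytes the other sources supply. The function names, the 32-byte seed length and the stuck-at sources are assumptions made for illustration, and the sources are assumed to be independent of one another.

```python
import os
from collections import Counter
from functools import reduce

SEED_LEN = 32  # bytes; assumed seed size handed to the DRBG


def xor_combine(samples):
    """XOR equal-length byte strings from independent sources into one seed."""
    samples = list(samples)
    if len(samples) < 2:
        raise ValueError("need at least two sources")
    if len({len(s) for s in samples}) != 1:
        raise ValueError("all samples must have the same length")
    # zip(*samples) walks the samples column by column (one int per source).
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*samples))


def output_distribution(adversary_bytes):
    """Exhaustively XOR every value of one uniform 8-bit source with fixed,
    adversary-chosen bytes and count how often each output byte occurs."""
    counts = Counter()
    for honest in range(256):
        fixed = [bytes([a]) for a in adversary_bytes]
        out = xor_combine([bytes([honest])] + fixed)
        counts[out[0]] += 1
    return counts


def make_seed():
    """Combine two constructed 'bad' sources with the OS RNG."""
    stuck_at_zero = bytes(SEED_LEN)       # constructed: source pinned to 0x00
    stuck_at_ff = b"\xff" * SEED_LEN      # constructed: source pinned to 0xFF
    return xor_combine([stuck_at_zero, stuck_at_ff, os.urandom(SEED_LEN)])


if __name__ == "__main__":
    dist = output_distribution([0x00, 0xFF, 0x5A])
    print("distinct outputs:", len(dist), "max count:", max(dist.values()))
    print("seed:", make_seed().hex())
```

Feeding the same sample in twice cancels it to zero, which is why the independence assumption matters when wiring in real sources.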