[Cryptography] Duh, why aren't most embedded TRNGs designed this way?

Joachim Strömbergson joachim at strombergson.com
Thu Apr 29 09:50:53 EDT 2021


Aloha!

Arnold Reinhold via cryptography wrote on 2021-04-27 22:30:
> Assuming the post-processing uses good cryptographic primitives, this is
> ridiculous. The output from any such primitive will pass statistical
> tests. A far better, and cheaper, design would make raw digitized data
> available to the software, which would then do its own whitening in
> software or using on-chip cryptographic accelerators if available. The
> specifications for the TRNG would provide estimates of entropy rate per
> output bit, based on the type of analysis described in the D2.1 report.
> The software would then know how much raw data it needed to process to
> produce the required entropy. The software could do its own tests on
> the TRNG output. Importantly, the output tests could be designed
> independent of the TRNG module supplier.

The RNG in the CrypTech open HSM (https://cryptech.is/) provides access
to raw entropy as well as to entropy after whitening for this exact reason.

-- 
Med vänlig hälsning, Yours

Joachim Strömbergson
========================================================================
                               Assured AB
========================================================================
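
The software-side flow described in the quoted message, as an added example (not code from this post, the D2.1 report or CrypTech): size the raw read from a supplier's entropy-per-bit estimate, run an independent repetition count health test on the raw data (cutoff formula from NIST SP 800-90B), then whiten with SHA-256. The function names, the 2x margin, byte-sized samples and the SHAKE-generated stand-in data are assumptions of the example.

```python
import hashlib
import math

def raw_bytes_needed(out_bits, h_per_bit, margin=2):
    """Raw bytes to read so the input holds margin * out_bits of entropy."""
    return math.ceil(out_bits * margin / h_per_bit / 8)

def rct_cutoff(h_per_sample, alpha_exp=20):
    """SP 800-90B repetition count cutoff for false-alarm rate 2**-alpha_exp."""
    return 1 + math.ceil(alpha_exp / h_per_sample)

def repetition_count_ok(samples, cutoff):
    """False if any value repeats `cutoff` or more times in a row."""
    run, prev = 0, None
    for s in samples:
        run = run + 1 if s == prev else 1
        prev = s
        if run >= cutoff:
            return False
    return True

def extract_seed(read_raw, h_per_bit, out_bits=256):
    """Read raw data, health-test it, then whiten it in software."""
    need = raw_bytes_needed(out_bits, h_per_bit)
    raw = read_raw(need)
    if len(raw) < need:
        raise RuntimeError("short read from raw entropy source")
    # Assumption: one sample = one byte, with 8 * h_per_bit bits of min-entropy.
    if not repetition_count_ok(raw, rct_cutoff(8 * h_per_bit)):
        raise RuntimeError("raw source failed repetition count test")
    return hashlib.sha256(raw).digest()[: out_bits // 8]

# Constructed stand-ins for a raw TRNG port (deterministic, NOT real entropy).
def simulated_raw(n):
    return hashlib.shake_256(b"constructed sample stream").digest(n)

def stuck_raw(n):
    return b"\x00" * n   # a failed source that a whitened output would hide

if __name__ == "__main__":
    print(raw_bytes_needed(256, 0.5), "raw bytes for a 256-bit seed")
    print(extract_seed(simulated_raw, 0.5).hex())
    try:
        extract_seed(stuck_raw, 0.5)
    except RuntimeError as err:
        print("rejected:", err)
```

The stuck source is rejected only because the test runs on raw data; hashing the same all-zero input would still yield output that looks random.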
