[Cryptography] Duh, why aren't most embedded TRNGs designed this way?
Joachim Strömbergson
joachim at strombergson.com
Fri May 21 03:16:25 EDT 2021
Aloha!
Kent Borg wrote on 2021-05-17 18:28:
> The hard part about RNGs is that when they fail, they usually do so
> silently.
The standards, like SP 800-90, BSI A20/A31 actuall includes test to be
run on-line to continuously monitor your entropy source [0]. One issue
with some of these tests is that they may require quite a lot of data to
"warm up". Many thousands of bits before you can know if you can use the
source or not. Given the bitrate of the source and the time constraints
of the application, this might not be feasible. As an example, a payment
operation with a touchless card must complete in a low few seconds. This
means that the time budget for setting up secure communication is on the
order of 100 ms.
IRRC, In CrypTech we have implementations of some AIS-like tests. There
the time constraints are less hard and it is possible to run on-line checks.
[0] IMHO a pretty good paper that describes the different standards from
a testing poing of view:
file:///Users/js/Downloads/ETS2018.pdf
--
Med vänlig hälsning, Yours
Joachim Strömbergson
========================================================================
Assured AB
========================================================================
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20210521/617efaeb/attachment.sig>
More information about the cryptography
mailing list