[Cryptography] Duh, why aren't most embedded TRNGs designed this way?
Ben Laurie
benl at google.com
Fri May 21 17:02:51 EDT 2021
I'm not even sure why we're discussing this *again*, but...
On Fri, 21 May 2021 at 21:39, Joachim Strömbergson <joachim at strombergson.com>
wrote:
> Aloha!
>
> Kent Borg wrote on 2021-05-17 18:28:
> > The hard part about RNGs is that when they fail, they usually do so
> > silently.
>
> The standards, like SP 800-90, BSI A20/A31 actuall includes test to be
> run on-line to continuously monitor your entropy source [0]. One issue
> with some of these tests is that they may require quite a lot of data to
> "warm up".
Another issue is that a counter encrypted with a known AES key will pass
these tests.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20210521/445fa499/attachment.htm>
More information about the cryptography
mailing list