[Cryptech Tech] RAM as source of entropy

Joachim Strömbergson joachim at secworks.se
Fri Feb 7 11:18:10 UTC 2014



Aloha!

A few more things.


Василий Долматов wrote:
> Mixing the output of several «bad» sources will not give «good»
> result.

The problem is that you don't know how good the sources are - really
high entropy, pretty good entropy, or half-bad entropy. And the
important thing is: Can an attacker force the entropy source to generate
entropy that is predictable? Can the attacker do that with all sources?
Mixing several half-bad sources makes it harder for an attacker to
control the result.


> Mixing the output of several «bad» sources with «good» source will
> not give «good» result.

No, but the combined result will at least have the same quality as what
the good source provides. Depending on how you mix - and let's pretend
that we use XOR as a naive solution, if you mix the randomness from a
good quality source with a source producing a static value, the combined
result will have the same quality and unpredictability as the good
source. (Mixing using a saturating adder would be bad though.)


> Mixing the output of several «good» sources will not make the result
> «more good».

Not good in the sense of entropy quality > any of the sources. But if we can
agree that you have a hard time separating a good quality source from a
half-good one, the combined result has a higher chance of having good
quality. And it makes it harder for an attacker to reduce the quality
due to the need to simultaneously control more than one physical process.

- -- 
Med vänlig hälsning, Yours

Joachim Strömbergson - Alltid i harmonisk svängning.
========================================================================
 Joachim Strömbergson          Secworks AB          joachim at secworks.se
========================================================================
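
Added example, not part of the original message: an exact calculation of the min-entropy that results from mixing two independent byte sources, comparing XOR with the saturating adder mentioned above. The source distributions (GOOD, STATIC, HALF_BAD) and all function names are constructed for illustration, and independence of the sources is assumed.

```python
import math
from itertools import product

def mix(dist_a, dist_b, combine):
    """Exact output distribution of combine(a, b) for two independent sources."""
    out = {}
    for (a, pa), (b, pb) in product(dist_a.items(), dist_b.items()):
        v = combine(a, b)
        out[v] = out.get(v, 0.0) + pa * pb
    return out

def min_entropy(dist):
    """Min-entropy in bits: -log2 of the probability of the likeliest value."""
    return -math.log2(max(dist.values()))

def xor(a, b):
    return a ^ b

def sat_add(a, b):
    # 8-bit saturating adder: sums above 255 are clamped to 255
    return min(a + b, 255)

# Constructed sources, each a map of byte value -> probability
GOOD = {v: 1 / 256 for v in range(256)}            # uniform: 8 bits
STATIC = {0x80: 1.0}                               # stuck at one value: 0 bits
HALF_BAD = {0: 0.5, **{v: 0.5 / 255 for v in range(1, 256)}}  # 1 bit

def results():
    """Min-entropy (bits) of each mixing case discussed in the message."""
    return {
        "good xor static": min_entropy(mix(GOOD, STATIC, xor)),
        "good sat_add static": min_entropy(mix(GOOD, STATIC, sat_add)),
        "half_bad alone": min_entropy(HALF_BAD),
        "half_bad xor half_bad": min_entropy(mix(HALF_BAD, HALF_BAD, xor)),
    }

if __name__ == "__main__":
    for name, bits in results().items():
        print(f"{name:24s} {bits:6.3f} bits")
```

XOR with a fixed value only permutes the outputs of the good source, so all 8 bits survive; the saturating adder maps every input from 127 upward onto 255, which leaves just under 1 bit.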


