[Cryptech Tech] Hardware entropy
Stephan Mueller
smueller at chronox.de
Sat May 17 12:56:11 UTC 2014
On Saturday, 17 May 2014, 08:27:32, Joachim Strömbergson wrote:
Hi Joachim,
> > Modularity is good; the problem with RdRand and the internal entropy
> > collections in Linux and OpenBSD however is that you don't have
> > access to the raw entropy pool to check if it is good - just to the
> > conditioned output - which by definition looks good, even if it
> > actually isn't.
>
> Exactly. What we try to achieve is not only a good RNG, but a good,
> transparent and testable RNG - without compromising security.
I also read in your very interesting presentation on the RNG about the
modularity of the noise sources. But wouldn't it be equally appropriate to
have the conditioner and the DRNG modular as well?
In that sense, instead of pointing to particular ciphers, like SHA-512 or
ChaCha, why not say: a hash and a subsequent symmetric cipher?
Ciao
Stephan
--
| Cui bono? |
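The pipeline sketched in this thread (a swappable noise source, any hash as the conditioner, any symmetric cipher as the DRNG) with the raw noise kept inspectable, so that a faulty source can be caught before the conditioner hides it. This is an added example, not code from the Cryptech project or from anyone on this list. The two noise sources, the SHA-512 plus ChaCha20 pairing, the all-zero nonce and the plug-in Shannon estimator are assumptions chosen for illustration; os.urandom stands in for a healthy hardware source and the "broken" source is constructed to show the effect.

```python
"""Modular noise -> conditioner -> DRNG pipeline with a raw-noise test port (added example)."""
import hashlib
import math
import os
import struct
from collections import Counter

# --- Stage 1: noise sources (constructed stand-ins for illustration) -------
def noise_urandom(n: int) -> bytes:
    """Stand-in for a healthy hardware noise source (assumption: os.urandom is good here)."""
    return os.urandom(n)

def noise_broken(n: int) -> bytes:
    """Constructed faulty source: 0x00 except every third byte is 0x01 (~0.9 bit/byte)."""
    return bytes(1 if i % 3 == 0 else 0 for i in range(n))

# --- Stage 2: conditioner = any hash (SHA-512 here, truncated to a 256-bit key) ---
def conditioner_sha512(raw: bytes) -> bytes:
    return hashlib.sha512(raw).digest()[:32]

# --- Stage 3: DRNG = any symmetric cipher; here the ChaCha20 block function (RFC 8439) ---
MASK32 = 0xFFFFFFFF

def _rotl(x: int, n: int) -> int:
    return ((x << n) | (x >> (32 - n))) & MASK32

def _quarter_round(s: list, a: int, b: int, c: int, d: int) -> None:
    s[a] = (s[a] + s[b]) & MASK32; s[d] = _rotl(s[d] ^ s[a], 16)
    s[c] = (s[c] + s[d]) & MASK32; s[b] = _rotl(s[b] ^ s[c], 12)
    s[a] = (s[a] + s[b]) & MASK32; s[d] = _rotl(s[d] ^ s[a], 8)
    s[c] = (s[c] + s[d]) & MASK32; s[b] = _rotl(s[b] ^ s[c], 7)

def chacha20_block(key: bytes, counter: int, nonce: bytes) -> bytes:
    """One 64-byte keystream block (RFC 8439, section 2.3)."""
    if len(key) != 32 or len(nonce) != 12:
        raise ValueError("ChaCha20 needs a 32-byte key and a 12-byte nonce")
    state = [0x61707865, 0x3320646E, 0x79622D32, 0x6B206574]
    state += struct.unpack("<8I", key)
    state += [counter & MASK32, *struct.unpack("<3I", nonce)]
    w = list(state)
    for _ in range(10):  # 10 double rounds = 20 rounds
        _quarter_round(w, 0, 4, 8, 12); _quarter_round(w, 1, 5, 9, 13)
        _quarter_round(w, 2, 6, 10, 14); _quarter_round(w, 3, 7, 11, 15)
        _quarter_round(w, 0, 5, 10, 15); _quarter_round(w, 1, 6, 11, 12)
        _quarter_round(w, 2, 7, 8, 13); _quarter_round(w, 3, 4, 9, 14)
    return struct.pack("<16I", *((w[i] + state[i]) & MASK32 for i in range(16)))

class ModularRng:
    """noise -> conditioner -> DRNG; every stage is a plain callable and can be swapped."""
    def __init__(self, noise, conditioner, block_fn, raw_bytes_per_seed: int = 4096):
        self.noise, self.conditioner, self.block_fn = noise, conditioner, block_fn
        self.raw_bytes_per_seed = raw_bytes_per_seed
        self.nonce = bytes(12)  # assumption: fixed nonce, the block counter supplies freshness
        self.reseed()

    def raw_sample(self, n: int) -> bytes:
        """The test port the thread asks for: raw noise before any conditioning."""
        return self.noise(n)

    def reseed(self) -> None:
        self.key = self.conditioner(self.noise(self.raw_bytes_per_seed))
        self.counter = 0

    def generate(self, n: int) -> bytes:
        out = bytearray()
        while len(out) < n:
            out += self.block_fn(self.key, self.counter, self.nonce)
            self.counter += 1
        return bytes(out[:n])

def shannon_bits_per_byte(data: bytes) -> float:
    """Plug-in Shannon estimate in bits/byte: a coarse health check, not an entropy proof."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def compare_sources(n: int = 8192) -> dict:
    """(raw, conditioned) entropy estimates for a healthy and a broken source."""
    result = {}
    for name, src in (("urandom", noise_urandom), ("broken", noise_broken)):
        rng = ModularRng(src, conditioner_sha512, chacha20_block)
        result[name] = (shannon_bits_per_byte(rng.raw_sample(n)),
                        shannon_bits_per_byte(rng.generate(n)))
    return result

if __name__ == "__main__":
    for name, (raw_h, out_h) in compare_sources().items():
        print(f"{name:8s} raw={raw_h:.2f} bits/byte  conditioned={out_h:.2f} bits/byte")
```

The conditioned output of the broken source scores as well as the healthy one, which is exactly the "looks good by definition" problem quoted above; only the raw_sample port reveals the difference. Because each stage is a callable, replacing SHA-512 with another hash or ChaCha20 with another cipher is a one-argument change, and chacha20_block can be checked against the RFC 8439 block-function test vector before the DRNG is trusted.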