[Cryptech Tech] Suggested changes to TRNG

Basil Dolmatov dol at reedcat.net
Tue Oct 6 10:55:12 UTC 2015



dol@ с iPad

> 6 окт. 2015 г., в 9:36, Joachim Strömbergson <joachim at secworks.se> написал(а):
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
> Aloha!
> 
> Basil Dolmatov wrote:
>> How one can be sure that this is enough?
> 
> Dunno. I try to burn a bunch of cycles without delaying start too much.
> I'm more than happy to hear suggestions on (1) a reasonable warmup time.
No suggestions.
> (2) assess that it is enough.
Not enough. Any given fixed number.

It cannot reflect changes (including ageing as well as tweaking and tampering), so it cannot be used as the reason to set "OUTPUT_GOOD" signal.

The only possible use of static preconfigured delay is to ignore _definitely_bad_ output before starting tests.
> 
>> Warmup delay is a possible solution to give system _some_ time to
>> start, but should not be the only reason to consider entropy output
>> as usable. Tests should be performed to make sure that the output has
>> good quality and can be used.
> 
> Yes, of course. I'm fairly certain I've been very clear that TRNGv2 will
> support monitoring which includes both online and startup.
> 
> - -- 
> Med vänlig hälsning, Yours
> 
> Joachim Strömbergson - Alltid i harmonisk svängning.
> ========================================================================
> Joachim Strömbergson          Secworks AB          joachim at secworks.se
> ========================================================================
> -----BEGIN PGP SIGNATURE-----
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
> 
> iQIcBAEBCAAGBQJWE2vzAAoJEF3cfFQkIuyNPQMQALbxVkUuaWluVXatmia0blpr
> 33pLkm6+mKSpJnBroV8NOBo45d1wL7lcoLjTHWSN+fW93F3/LozyOtcDYc+pegUi
> uNKlY+FwJJAAF+tmtrsqTR7cmczgxU3J8mmCceDLRiqOjo3UVEiujvSp/RAjR6Pn
> 8fgbiJipqy0LReeHRPTD9BNHWXHl6PYq3zeXcuI+KiHSgnddzsgc1/Z28d2eypRA
> waBqWjap+GTFou+txr5WPimlaOsFQXi79jxAOxIRodS+n19tS87aIcdKK/+yl+5x
> cDQB60ACiB5MuSDzp/OkaAPZexddCHYbVBYYccKh4VUmfiEvWVbpIE4lh1YtNRtz
> S7VM9tBawsUq4MCn2nLvKLoZ0ITGI7GKDrIVb20daBr+SrWfsq1JwwVavCqWwFTy
> dJ9xDAuL9H2Q5kt2OXHURqPXMpa6qu/qPfFyqzVJLS+gJJYV5ZBlw+HejIQ5EjK1
> 7EU43rOMF4/uU8J0x+wGaT4jqS9cJtdwBwritSk9ToxTfY3zClNpJKVBRBvzwKNA
> f26aEZ/8CWLeT8FsVHdzUR9BgbxSEH4pJS5NAYRnC/dAYBzaRS29OrKAaTn5CjwK
> TXP1Ivr9eMOj5T44P6euGo1jaYXRcspD41L5j24i71+zYR5MWWzDr+4aAE5L2gDX
> qQSiHl+n6KiGFEoN5+eU
> =OdYA
> -----END PGP SIGNATURE-----


More information about the Tech mailing list