[Cryptech Tech] Comments on Alpha board schematics
Fredrik Thulin
fredrik at thulin.net
Thu Jan 28 07:59:35 UTC 2016
On Thursday, January 28, 2016 12:01:45 AM Bernd Paysan wrote:
> On Wednesday, 27 January 2016, 10:34:14, Fredrik Thulin wrote:
> > Subject to some kind of policy I presume. I mean, if any/some defined number
> > of the entropy sources stop working, we'd better block the CSPRNG if it
> > wants to re-seed...
>
> I should mention DJB's "entropy attacks" blog posting:
> http://blog.cr.yp.to/20140205-entropy.html
>
> The bottom line is that as long as the initial entropy at startup was good,
> you can rely on the CSPRNG, and don't reseed too often. If the entropy breaks,
> continue with the old seed, until all nonces are used up for the CSPRNG (not
> going to happen ;-).
Thanks for the reference. That is my thinking exactly, reseeding doesn't have
to happen very often at all so I'd rather save my noisy diode for those rare
events.

I think I've heard that some people are of a different opinion though - for
example I think I've heard that some people want to always use "fresh" entropy
for generating long term cryptographic keys and I think we need to accommodate
that too.

/Fredrik