[Cryptech Tech] ICFO Introduction

Elie Benchimol Elie.Benchimol at icfo.eu
Thu Nov 24 14:30:22 UTC 2016


Hello Cryptech,

In order to move the conversation forward it would be helpful for us to understand if there are any circumstances or applications where a fast random bit rate could be useful. We understand that your particular application only requires a small amount of entropy to initially seed the CS-PRNG and for periodic refreshes.  

For example, are there any applications where the QRNG would re-seed more frequently, or run actively alongside the CS-PRNG?  Could you imagine an large scale application where one fast QRNG is seeding multiple Cryptech HSMs in parallel?

Best,
Elie Calvin Benchimol

> -----Original Message-----
> From: Bernd Paysan [mailto:bernd at net2o.de]
> Sent: Friday, October 28, 2016 4:28 PM
> To: tech at cryptech.is
> Cc: Carlos Abellan <Carlos.Abellan at icfo.eu>; Peter Stuge 
> <peter at stuge.se>; Elie Benchimol <Elie.Benchimol at icfo.eu>
> Subject: [SPAM] Re: [Cryptech Tech] ICFO Introduction
> 
> Am Donnerstag, 27. Oktober 2016, 12:09:40 CEST schrieb Carlos Abellan:
>> The final bitrate we can provide depends on the target price. Our 
>> optical system has been proven up to 42 Gb/s, but then the 
>> electronics, ADC and processing gets very expensive. What do you 
>> think would be an attractive RNG bitrate for your HSMs?
> 
> The purpose of an entropy source in an HSM is to fill up the entropy 
> pool for the deterministic RNG.  That one is a cryptographic stream 
> cipher (ChaCha20), and we trust this stream cipher (If not, we would 
> have chosen a different one).  Actually, if you don't trust your 
> symmetric crypto, the rest of the HSM doesn't make any sense.  DJB 
> summed up some of the principles for entropy
> here:
> 
> http://blog.cr.yp.to/20140205-entropy.html
> 
> So there is no need to be particularly fast, just fill up the entropy source with enough bits to get an initial state (key) for the stream cipher.  There is no need for Gb/s from the entropy source.
> 
> --
> Bernd Paysan
> "If you want it done right, you have to do it yourself"
> net2o ID: kQusJzA;7*?t=uy at X}1GWr!+0qqp_Cn176t4(dQ*
> http://bernd-paysan.de/



More information about the Tech mailing list