[cryptography] Intel RNG
marsh at extendedsubset.com
Tue Jun 19 16:54:37 EDT 2012
On 06/19/2012 02:11 PM, coderman wrote:
> the sanity checks, being on die, are limited. you can't run DIEHARD
> against this in a useful manner because the DRBG obscures anything
I don't think there's anything useful diehard (specifically) is going to
The raw entropy source output would not be expected to pass diehard. The
CR report shows visible artifacts in that FFT graph. The entropy
estimation function one would apply to that source would likely be much
simpler than the diehard suite. Just a sanity check that the output is
actually changing once in a while would go a long way towards
eliminating the most common failure modes.
On the other hand, the AES CTR DRBG output will always pass diehard,
whether it contains any entropy or not.
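
Added example, not part of the original message: a short Python sketch of the contrast drawn above, where a trivial "is the raw output changing" check catches a dead source while the conditioned output looks uniform with no entropy behind it. SHA-256 in counter mode stands in for the AES CTR DRBG, a byte-frequency chi-square stands in for a statistical suite such as diehard, and the sample data, cutoff and thresholds are constructed assumptions.

```python
import hashlib
from collections import Counter

def ctr_drbg_stand_in(seed: bytes, nbytes: int) -> bytes:
    """Deterministic counter-mode generator. SHA-256 stands in for AES-CTR
    (an assumption made so the example needs only the standard library)."""
    out = bytearray()
    counter = 0
    while len(out) < nbytes:
        out += hashlib.sha256(seed + counter.to_bytes(16, "big")).digest()
        counter += 1
    return bytes(out[:nbytes])

def chi_square_bytes(data: bytes) -> float:
    """Chi-square statistic of byte counts against uniform (255 degrees of freedom)."""
    expected = len(data) / 256
    counts = Counter(data)
    return sum((counts.get(b, 0) - expected) ** 2 / expected for b in range(256))

def looks_uniform(data: bytes, lo: float = 150.0, hi: float = 400.0) -> bool:
    """Crude stand-in for a statistical battery: statistic near its mean of 255."""
    return lo < chi_square_bytes(data) < hi

def repetition_count_ok(samples: bytes, cutoff: int = 32) -> bool:
    """Sanity check on raw samples: fail when one value repeats `cutoff` times in a row."""
    run = 1
    for prev, cur in zip(samples, samples[1:]):
        run = run + 1 if cur == prev else 1
        if run >= cutoff:
            return False
    return True

N = 65536
STUCK_RAW = bytes(N)  # constructed: a dead source that always reads zero
BIASED_RAW = bytes((7 * i + (i >> 3)) % 16 for i in range(N))  # constructed: live but far from uniform

if __name__ == "__main__":
    for name, raw in (("stuck", STUCK_RAW), ("biased", BIASED_RAW)):
        drbg_out = ctr_drbg_stand_in(raw[:48], N)  # seed taken straight from the raw source
        print(name, "raw changing:", repetition_count_ok(raw),
              "| raw uniform:", looks_uniform(raw),
              "| DRBG output uniform:", looks_uniform(drbg_out))
```

The health check is only meaningful on the raw samples; applied to the generator output it passes regardless of the state of the source.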