[cryptography] Mixing RdRand with other CPU-based entropy sources?

Natanael natanael.l at gmail.com
Thu Dec 19 03:58:06 EST 2013


It's always a good idea to use several entropy sources and
cryptographically mix their outputs into your pool. They won't reduce your
total entropy either way, any predictable sources will only be adding less
entropy than promised.

- Sent from my phone
Den 19 dec 2013 09:19 skrev "Joachim Strömbergson" <Joachim at strombergson.com
>:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Aloha!
>
> Here is a question: If we (barely) trust RdRand enough to use it as an
> entropy source in combination with another source to feed our RNG -
> would it be wise to use another CPU-based entropy source such ad Haveged
> [1], DakaRand [2], Jytter [3] or the CPU Jitter Random Number Generator
> [3] by Stephan Müller? Or should the second one alway be a CPU-external
> source?
>
> A tengential question - is running these entropy sources ([1]..[2]) in
> parallel a good idea?
>
>
> [1] http://www.issihosts.com/haveged/
> [2] http://dankaminsky.com/2012/08/15/dakarand/
> [3] http://jytter.blogspot.se/
> [4] http://www.chronox.de/
>
> - --
> Med vänlig hälsning, Yours
>
> Joachim Strömbergson - Alltid i harmonisk svängning.
> ========================================================================
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAlKyq/cACgkQZoPr8HT30QGALACeJhV2LbPEpMHQQl0GteZEVNmq
> kVYAn3YGrGKTgUgzUSlB8exFvbCMJDI3
> =qTBy
> -----END PGP SIGNATURE-----
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20131219/a60e580c/attachment.html>


More information about the cryptography mailing list