[cryptography] Question on Entropy Gathering

Jeffrey Walton noloader at gmail.com
Sun Mar 3 15:30:02 EST 2013

Hi All,

In Jesse Walker's slide on "Requirements for random number generators"
(https://crypto.stanford.edu/RealWorldCrypto/slides/jesse.pdf), Walker
provides a simple gatherer on slide 10:

unsigned before, after, entropy;
before = read_TSC();
after = read_TSC();
entropy = (after – before) & 0x0ff;
Repeat until sufficient entropy harvested

Slide 11 provides an analysis.What does it mean to be an AR(1)
process? Is it referring to section one of the man pages? If so, what
does that have to do with this generator?

The analysis states, "this software entropy source is not portable
across platforms without extensive rework." Wouldn't the code be
suitable on platforms with a high resolution counter? In this case,
one would only need to call the correct Operating System function (for
example, QueryPerformanceCounter()).


More information about the cryptography mailing list