[cryptography] Quality of HAVEGE algorithm for entropy?

Joachim Strömbergson Joachim at Strombergson.com
Fri Nov 29 05:31:49 EST 2013

Hash: SHA1


Stephan Mueller wrote:
> The problem is that dieharder & Co only show the statistical quality.
>  Based on my real-world attempts to the CPU jitter issue used as a
> noise source for /dev/random, the questions around the entropy of the
> data still remains -- see the email threat on LKML.

(I feel I need to read up on the LKLM discussion).

Yes, but when having access to an entropy source - what other ways
besides statistical tool such as Dieharder do we have to measure the
quality of the entropy?

The problem as I have understood it is that we don't have direct access
to the entropy source in Bull Mountain. And that we have to trust Intel
on telling us the truth, that there actually is a nice entropy source,
not simply a CSPRNG with a seed known by certain organizations. The lack
of openness, transparency and control of the entropy source is what is

Or am I missing something?

> That is why my current patch set only uses the jitter noise source as
> last resort, i.e. when /dev/random is about to block. As long as the
> other noise sources produce entropy, my jitter noise source is not
> even asked.
> With that approach, however, /dev/random will never block any more on
> any system.

That is actually pretty neat.

What bitrate do you get from your RNG?

BTW: Just downloaded your PDF and OMG it is really big. I think I have
my weekend reading identified. ;-)

BTW2: You should probably reference jytter in your paper, it would be
very interesting to see the comparison between them.

- -- 
Med vänlig hälsning, Yours

Joachim Strömbergson - Alltid i harmonisk svängning.
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/


More information about the cryptography mailing list