[cryptography] Enranda: 4MB/s Userspace TRNG

coderman coderman at gmail.com
Tue May 26 18:05:26 EDT 2015


On 5/26/15, Russell Leidich <pkejjy at gmail.com> wrote:
> ...
> I would welcome your longer reply,

you are patient and friendly in response to me,
 a jerk flinging opinions!

i will send a longer response about my specific concerns for these
types of entropy gathering when time permits - thank you for the courtesy,
undeserved!



> ... how do you envision this BTC...

Bounty, as in compensation for a successful attack in the form of
digital currency :P

no matter, i am compelled to delineate concerns and risks, as said above.



> And yes, it's totally legit to attack Enranda by executing a
> process on the same CPU, for example, in another terminal window on a
> single-CPU system. For that matter, what other attacks do you foresee?

i am glad the post-quantum hardness has constraints; regarding the rest,
 another tangent, as said above.



> I won't argue with your point about hardware TRNGs being superior to
> software ones. If you trust your chip vendor, then it all works just fine.

i trust them more if the design provides raw sample access and the
observed entropy density, bias, and failure modes, as observed over
extended sanity checks and continuous run-checks on the sampled bit stream.

... CPU instructions another tangent, which i've written about
separately wrt RDRAND/RDSEED vs. XSTORE entropy sources.



best regards, and my apologies for first,
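
The "continuous run-checks on the sampled bit stream" mentioned above, worked through as an added example (this is not code from Enranda, from the list, or from any hardware vendor). It implements the two continuous health tests of NIST SP 800-90B section 4.4, the repetition count test (catches a stuck source) and the adaptive proportion test (catches a source collapsing toward one value), and adds a crude most-common-value min-entropy estimate plus per-bit bias, the kind of numbers one would want to see from raw sample access. The 8-bit sample width, the claimed min-entropy of 4 bits per sample, the 512-sample window and alpha = 2^-30 are assumed parameters; the cutoffs are derived from the binomial tail rather than copied from 90B's tables, and the three sample streams are constructed, not captured from a device.

```python
"""Continuous health checks over a raw TRNG sample stream (added example)."""
import math
import random
from collections import Counter


class HealthCheckError(Exception):
    """Raised when a continuous test trips; the source should be taken offline."""


def binomial_tail_cutoff(w, p, alpha):
    """Smallest c with P[X >= c] <= alpha for X ~ Binomial(w, p)."""
    tail = 0.0
    for k in range(w, -1, -1):  # sum the upper tail downward from k = w
        log_pmf = (math.lgamma(w + 1) - math.lgamma(k + 1) - math.lgamma(w - k + 1)
                   + k * math.log(p) + (w - k) * math.log1p(-p))
        pmf = math.exp(log_pmf)
        if tail + pmf > alpha:
            return k + 1
        tail += pmf
    return 0


class RepetitionCountTest:
    """SP 800-90B 4.4.1: the same sample C times in a row means a stuck source.
    C = 1 + ceil(-log2(alpha) / h_claimed), h_claimed in bits per sample."""
    def __init__(self, h_claimed, alpha):
        self.cutoff = 1 + math.ceil(-math.log2(alpha) / h_claimed)
        self.last, self.count = None, 0

    def feed(self, s):
        if s == self.last:
            self.count += 1
            if self.count >= self.cutoff:
                raise HealthCheckError(f"RCT: {self.count} repeats of {s:#04x}")
        else:
            self.last, self.count = s, 1


class AdaptiveProportionTest:
    """SP 800-90B 4.4.2: count how often the first sample of a window recurs
    inside that window; too many hits means the source is biased toward it."""
    def __init__(self, h_claimed, window, alpha):
        self.window = window
        self.cutoff = binomial_tail_cutoff(window, 2.0 ** -h_claimed, alpha)
        self.ref, self.pos, self.hits = None, 0, 0

    def feed(self, s):
        if self.pos == 0:          # start a new window on this sample
            self.ref, self.hits = s, 0
        self.pos += 1
        if s == self.ref:
            self.hits += 1
            if self.hits >= self.cutoff:
                raise HealthCheckError(f"APT: {self.hits} of {self.pos} samples were {s:#04x}")
        if self.pos == self.window:
            self.pos = 0


def run_health_checks(samples, h_claimed=4.0, window=512, alpha=2.0 ** -30):
    """Feed samples through both tests; return (ok, reason, index)."""
    rct = RepetitionCountTest(h_claimed, alpha)
    apt = AdaptiveProportionTest(h_claimed, window, alpha)
    for i, s in enumerate(samples):
        try:
            rct.feed(s)
            apt.feed(s)
        except HealthCheckError as e:
            return False, str(e), i
    return True, "pass", len(samples)


def min_entropy_estimate(samples):
    """Most-common-value estimate: -log2(p_max) bits per sample."""
    p_max = max(Counter(samples).values()) / len(samples)
    return -math.log2(p_max)


def bit_bias(samples):
    """Fraction of ones in each of the 8 bit positions (0.5 is unbiased)."""
    n = len(samples)
    return [sum((s >> b) & 1 for s in samples) / n for b in range(8)]


# Constructed streams standing in for raw device samples (not real captures).
def uniform_stream(n, seed=1):
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(n))

def stuck_stream(n):
    return bytes([0x5A]) * n

def biased_stream(n, seed=2):
    # every other sample is 0x00, the rest uniform: ~1 bit/sample, no long runs
    rng = random.Random(seed)
    return bytes(0x00 if i % 2 == 0 else rng.getrandbits(8) for i in range(n))


if __name__ == "__main__":
    for name, stream in [("uniform", uniform_stream(4096)),
                         ("stuck", stuck_stream(64)), ("biased", biased_stream(4096))]:
        ok, reason, idx = run_health_checks(stream)
        print(f"{name:8s} ok={ok} at sample {idx}: {reason}; "
              f"H_min~{min_entropy_estimate(stream):.2f} b/sample; "
              f"bit bias={[round(x, 2) for x in bit_bias(stream)]}")
```

The stuck stream trips the repetition count test on its ninth sample (cutoff 1 + ceil(30/4) = 9), and the alternating-zero stream slips past it (its longest run is short) but trips the adaptive proportion test well inside the first 512-sample window, which is why 90B requires both; the entropy and bias numbers are the "observed entropy density" figures a vendor could publish alongside raw access.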

