[cryptography] Enranda: 4MB/s Userspace TRNG

Krisztián Pintér pinterkr at gmail.com
Tue May 26 18:25:00 EDT 2015


i call bullshit on this one, just as i called bullshit on havege. a
proper hwrng always outputs the raw, unfiltered random bits. and an
estimate of the entropy content. whitening is easy, and can be
done various ways, it is not interesting. many times we don't even
want whitening, because we already have an entropy accumulator
arrangement, like linux /dev/random (whatever crap it is).

conclusions:

1, if your proposed method comes with a complex extractor, it is
bullshit

2, if your method comes without a detailed analysis and measurements
on the entropy content of the raw data, it is bullshit

for a start, where is your entropy coming from? it all comes from IRQ-s,
otherwise the CPU runs quite predictably. it is already fishy to say
that you can collect 4Mbit/s from IRQ alone. also it is very different
on different platforms. embedded systems without user interaction tend
to have less IRQ noise. where are the estimates? where are the
calculations?



> Russell Leidich (at Tuesday, May 26, 2015, 5:01:20 AM):
>
> Enranda is a cryptographically secure (in the postquantum sense)
> true random number generator requiring nothing but a timer (ideally,
> the CPU timestamp counter).

> http://enranda.blogspot.com
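
The reply above asks for measurements on the raw data rather than on whitened output. As an added example (not code from either poster or from Enranda), the sketch below applies the most-common-value min-entropy estimate from NIST SP 800-90B to raw timer deltas and shows that a hash whitener makes a nearly constant stream look random to the same test. All function names and the sample stream are assumptions constructed for illustration.

```python
import hashlib
import math
import time
from collections import Counter

def collect_timer_deltas(n):
    """Raw, unwhitened samples: low byte of successive timer differences."""
    out, prev = [], time.perf_counter_ns()
    for _ in range(n):
        now = time.perf_counter_ns()
        out.append((now - prev) & 0xFF)
        prev = now
    return out

def mcv_min_entropy(samples):
    """Most-common-value estimate, in bits of min-entropy per sample.

    Uses the upper 99% confidence bound on the most likely value's
    probability. It assumes independent samples, so for correlated
    timer data the figure is optimistic, never conservative.
    """
    n = len(samples)
    if n < 2:
        raise ValueError("need at least two samples")
    p_hat = Counter(samples).most_common(1)[0][1] / n
    p_u = min(1.0, p_hat + 2.576 * math.sqrt(p_hat * (1 - p_hat) / (n - 1)))
    return -math.log2(p_u)

def constructed_raw():
    """Constructed sample: a timer delta that is 40 ticks 95% of the time."""
    return [41 if i % 20 == 0 else 40 for i in range(1000)]

def whiten(samples, nbytes):
    """SHA-256 in counter mode over the raw samples (a stand-in whitener)."""
    seed, out, ctr = bytes(samples), b"", 0
    while len(out) < nbytes:
        out += hashlib.sha256(seed + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return list(out[:nbytes])

if __name__ == "__main__":
    raw = constructed_raw()
    print("constructed raw : %.3f bits/sample" % mcv_min_entropy(raw))
    print("after whitening : %.3f bits/sample" % mcv_min_entropy(whiten(raw, 1024)))
    live = collect_timer_deltas(100000)
    print("this machine    : %.3f bits/sample" % mcv_min_entropy(live))
```

The whitened figure says nothing about the source: the 1024 output bytes are a deterministic function of a stream that carries under 0.05 bits per sample by this estimate.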


