[cryptography] Enranda: 4MB/s Userspace TRNG
pkejjy at gmail.com
Tue May 26 21:14:09 EDT 2015
"you are patient and friendly in response to me, a jerk flinging opinions!"
No worries, coderman. No one ever got into cryptography to bask in the
charm of one's peers. Besides, I'm willing to put up with a lot in order to
get constructive criticism. (So relax, Stuart Christmas...) So yeah, when
you get time, your concerns are of interest to me and so many lurkers here.
"Bounty, as in compensation for a successful attack in the form of digital
Cool! Anyone have suggestions for (1) defining a successful attack and (2)
how much $ we should post for it? (Obviously, "I broke Enranda by
exploiting a kernel vuln" doesn't count.)
"i am glad the post-quantum hardness has constraints, regarding the rest,
Yeah, I should have explained "postquantum" better. It had nothing to do
with X86 hardware (or even the marketing department). It was a reference to
the complexity of modeling the timedelta stream sufficiently well to
predict anything useful post-trapdoor, even if you have the powers of
Grover search. (This goes into permutative trapdoors and order-sensitivity,
"i trust them more if the design provides raw sample access and the
observed entropy density, bias, failure modes, as observed over extended
sanity and continuous run-checks on the sampled bit stream."
That makes good practical sense. Again, I have nothing against DIYing one's
own hardware TRNG. I believe there's one on Kickstarter for those who want
On Tue, May 26, 2015 at 10:05 PM, coderman <coderman at gmail.com> wrote:
> On 5/26/15, Russell Leidich <pkejjy at gmail.com> wrote:
> > ...
> > I would welcome your longer reply,
> you are patient and friendly in response to me,
> a jerk flinging opinions!
> i will send a longer response about my specific concerns for these
> types of entropy gathering when time permits - thank you for courtesy
> > ... how do you envision this BTC...
> Bounty, as in compensation for a successful attack in the form of
> digital currency :P
> no matter, i am compelled to delineate concerns and risks, as said above.
> > And yes, it's totally legit to attack Enranda by executing a
> > process on the same CPU, for example, in another terminal window on a
> > single-CPU system. For that matter, what other attacks do you foresee?
> i am glad the post-quantum hardness has constraints, regarding the rest,
> another tangent.
> as said above.
> > I won't argue with your point about hardware TRNGs being superior to
> > software ones. If you trust your chip vendor, then it all works just
> i trust them more if the design provides raw sample access and the
> observed entropy density, bias, failure modes, as observed over
> extended sanity and continuous run-checks on the sampled bit stream.
> ... CPU instructions another tangent, which i've written about
> separately wrt RDRAND/RDSEED vs. XSTORE entropy sources.
> best regards, and my apologies for first,
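To make concrete the "continuous run-checks on the sampled bit stream" that coderman asks for above, here is an added example (not Enranda's code, nor anything posted in this thread) of health tests in the style of NIST SP 800-90B run over a raw timedelta sample stream. The claimed min-entropy H_CLAIMED, the 8-bit sample width, and the LCG-generated "timedeltas" are all assumptions made for the demonstration, not measurements of Enranda.

```python
import math
from collections import Counter
ALPHA = 2.0 ** -20          # false-alarm probability used by SP 800-90B
H_CLAIMED = 2.0             # assumed min-entropy (bits) per 8-bit timedelta sample

def rct_cutoff(h=H_CLAIMED, alpha=ALPHA):
    # Repetition Count Test cutoff: C = 1 + ceil(-log2(alpha) / H)
    return 1 + math.ceil(-math.log2(alpha) / h)

def apt_cutoff(window=512, h=H_CLAIMED, alpha=ALPHA):
    # Adaptive Proportion Test cutoff: smallest C with P(Binom(W, 2^-H) <= C) >= 1 - alpha
    p, cdf = 2.0 ** -h, 0.0
    for c in range(window + 1):
        cdf += math.comb(window, c) * p ** c * (1 - p) ** (window - c)
        if cdf >= 1 - alpha:
            return c
    return window

def repetition_count_test(samples, cutoff=None):
    """Fail as soon as one value repeats 'cutoff' times in a row (stuck source)."""
    cutoff = cutoff or rct_cutoff()
    run = 1
    for prev, cur in zip(samples, samples[1:]):
        run = run + 1 if cur == prev else 1
        if run >= cutoff:
            return False
    return True

def adaptive_proportion_test(samples, window=512, cutoff=None):
    """Fail if any window is dominated by its first value (bias / entropy loss)."""
    cutoff = cutoff or apt_cutoff(window)
    for start in range(0, len(samples) - window + 1, window):
        w = samples[start:start + window]
        if w.count(w[0]) >= cutoff:
            return False
    return True

def min_entropy_estimate(samples):
    """Most-common-value estimate: -log2(p_max), in bits per sample."""
    p_max = max(Counter(samples).values()) / len(samples)
    return -math.log2(p_max)

def constructed_timedeltas(n, seed=1):
    """Constructed stand-in for raw timer deltas (LCG high byte), not real jitter."""
    out, x = [], seed
    for _ in range(n):
        x = (6364136223846793005 * x + 1442695040888963407) % 2 ** 64
        out.append((x >> 56) & 0xFF)
    return out
```

On a real source the sample list would be replaced by the raw (pre-whitening) timer deltas, and a failing test should stop output rather than merely log.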