[cryptography] Enranda: 4MB/s Userspace TRNG

Ron Garret ron at flownet.com
Wed May 27 11:21:53 EDT 2015


On May 27, 2015, at 5:14 AM, Krisztián Pintér <pinterkr at gmail.com> wrote:

> by definition, entropy is anything the attacker does not know.

No, entropy is anything about your own physical situation that *you* don’t know.  That may or may not be something your attacker also doesn’t know.  This is the fundamental reason randomness is hard.  You want the second thing, but all you can guarantee is the first unless you have a *complete* model of the physical system generating your data (i.e. thermal or quantum noise, no tampering by the attacker, no side channels, etc. etc.)  And this is the fundamental problem with Enranda: just because you and I and Russell Leidich don’t know how to predict the behavior of a modern CPU doesn’t mean the NSA doesn’t.

rg


