[Gnuk-users] TRNG output

Kurt Roeckx kurt at roeckx.be
Thu Aug 27 17:51:58 UTC 2015


On Thu, Aug 27, 2015 at 05:37:57PM +0000, flapflap wrote:
> Kurt Roeckx:
> > On Thu, Aug 27, 2015 at 03:18:52PM +0000, flapflap wrote:
> >> Hi,
> >>
> >> NIIBE Yutaka:
> >>> Hello,
> >>>
> >>> Fix to the last message of mine:
> >>> While the thesis I referred to is good to read (because it explains
> >>> many related things), I should have referred to this paper for the
> >>> specific idea of use of ADC component as a source of entropy:
> >>>
> >>>     Fabio Pareschi, Gianluca Setti, Riccardo Rovatti
> >>>     A Fast Chaos-based True Random Number Generator for Cryptographic Applications
> >>>     http://www.researchgate.net/publication/224056101_A_Fast_Chaos-based_True_Random_Number_Generator_for_Cryptographic_Applications
> >>
> >> You might also be interested in the CrypTech project
> >> https://cryptech.is/ that aims to provide free SW and free HW design
> >> cryptographic implementations, for example using the Novena board.
> > 
> > They have a TLSA record that doesn't match the certificate they're
> > using.
> 
> see https://cryptech.is/resources/

You don't understand.
$ host -t TLSA _443._tcp.cryptech.is
_443._tcp.cryptech.is has TLSA record 3 1 1 542E161A92C896C88FF5EE6E8F763536ACCA3E52266D35897FDE5610 4BE6A526

The certificate does not match that.

> > There are also various other open hardware TRNGs being
> > implemented, and I think it would be useful for all of them to
> > know what the state of the art is when it comes to generating
> > good output from whatever source they use.
> > 
> > What they all seem to lack is a calculation (and proof) of the
> > (minimum) entropy.  For noise over a resistor (measured by an ADC)
> > you should be able to calculate it, but it's currently unclear to
> > me how to do it for other methods people want to use.
> 
> I only know the cryptech TRNG readme mentions using ent and rngtest to
> verify the output.

Which doesn't really tell you what you think it does.  It only
tells you it's not completely broken; it can't tell you that it's
any good.


Kurt
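Kurt's point, that ent reports average (Shannon) entropy and so can make a source look fine while saying nothing about how guessable its output is, can be made concrete with a min-entropy estimate. The example below is added here and is not code from the thread, from Gnuk or from CrypTech; the byte sample is constructed (68 copies of 0x00 plus four copies of every other value), and the conservative estimator follows the NIST SP 800-90B most-common-value test.

```python
import math
from collections import Counter

# Constructed "TRNG output" (no real device data): value 0x00 occurs with
# probability 1/16, every other byte value with probability (15/16)/255.
SAMPLE = bytes([0x00] * 68 + list(range(1, 256)) * 4)


def shannon_entropy(data: bytes) -> float:
    """Average (Shannon) entropy in bits per sample, the figure ent's
    'Entropy' line reports.  It averages over all symbols, so one
    over-represented value barely moves it."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def min_entropy_plugin(data: bytes) -> float:
    """Plug-in min-entropy: -log2 of the most frequent symbol's relative
    frequency.  This is what bounds an attacker's best single guess."""
    n = len(data)
    return -math.log2(max(Counter(data).values()) / n)


def min_entropy_mcv(data: bytes, z: float = 2.576) -> float:
    """SP 800-90B most-common-value estimator: take a 99% upper confidence
    bound on the most likely symbol's probability, then -log2 of it, so a
    short sample yields a deliberately conservative estimate."""
    n = len(data)
    p_hat = max(Counter(data).values()) / n
    p_u = min(1.0, p_hat + z * math.sqrt(p_hat * (1.0 - p_hat) / (n - 1)))
    return -math.log2(p_u)


def samples_for_key(data: bytes, key_bits: int = 256) -> int:
    """Raw samples that must be pooled (e.g. hashed) to collect key_bits of
    min-entropy, using the conservative per-sample estimate."""
    return math.ceil(key_bits / min_entropy_mcv(data))


if __name__ == "__main__":
    print(f"Shannon entropy      : {shannon_entropy(SAMPLE):.3f} bits/byte")
    print(f"min-entropy (plug-in): {min_entropy_plugin(SAMPLE):.3f} bits/byte")
    print(f"min-entropy (MCV)    : {min_entropy_mcv(SAMPLE):.3f} bits/byte")
    print(f"bytes per 256-bit key: {samples_for_key(SAMPLE)}")
```

On this sample the Shannon figure is about 7.83 bits per byte, close to what ent shows for good output, while the min-entropy is 4 bits per byte (about 3.6 with the confidence bound), so nearly twice as many raw bytes must be pooled per key as the average-entropy figure would suggest.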
