[Gnuk-users] TRNG output

NdK ndk.clanbo at gmail.com
Thu Sep 3 12:15:40 UTC 2015


On 29/08/2015 23:25, Kurt Roeckx wrote:

> Another very interesting paper is this one:
> https://eprint.iacr.org/2011/659
Another interesting method I found some years ago (can't remember the
paper reference, sorry) is to consider couples of lsb readings. If the
two bits are equal, discard both. If they're different, discard the
first and store the second.
IIRC this method is best when there's a fast source with randomly
varying duty-cycle and a much slower sampler.

The drawback is that the rate of the random bitstream depends on the
instability of the source: if the source is stuck (say an attacker
pulled the analog line under gnd, say -.3V : the ADC would consistently
give all zeroes -> no bitflips -> no random bits generated).

BYtE,
 Diego.
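
The pairwise scheme described in the message above (a variant of von Neumann debiasing), together with a run-length check that reports the stuck-source case instead of silently producing nothing. This is an added example, not code from the original post or from Gnuk; the function name, the `MAX_DISCARDED_PAIRS` threshold and the sample readings are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed threshold: flag the source as stuck after this many equal pairs in a row. */
#define MAX_DISCARDED_PAIRS 64

struct debias_result {
    size_t bits_out; /* bits written to out[], one bit per byte */
    int stuck;       /* 1 if the run of discarded pairs reached the threshold */
};

/* Constructed 12-bit ADC readings; their LSBs are 1,0 0,0 1,1 0,1 1,0 1,1. */
static const uint16_t demo_samples[12] = {
    0x801, 0x800, 0x802, 0x800, 0x801, 0x803,
    0x800, 0x801, 0x803, 0x802, 0x801, 0x801
};

/* Take sample LSBs in pairs: equal pair -> discard both,
   different pair -> discard the first bit and store the second. */
struct debias_result debias_lsb_pairs(const uint16_t *samples, size_t n,
                                      uint8_t *out, size_t out_cap)
{
    struct debias_result r = {0, 0};
    size_t run = 0; /* consecutive pairs that produced no output */
    for (size_t i = 0; i + 1 < n && r.bits_out < out_cap; i += 2) {
        uint8_t a = samples[i] & 1u, b = samples[i + 1] & 1u;
        if (a == b) {
            if (++run >= MAX_DISCARDED_PAIRS) { r.stuck = 1; break; }
            continue;
        }
        run = 0;
        out[r.bits_out++] = b;
    }
    return r;
}

int main(void)
{
    static const uint16_t grounded[200] = {0}; /* constructed: ADC reads all zeroes */
    uint8_t bits[8];
    struct debias_result r = debias_lsb_pairs(demo_samples, 12, bits, 8);
    printf("varying source: %zu bits, stuck=%d\n", r.bits_out, r.stuck);
    r = debias_lsb_pairs(grounded, 200, bits, 8);
    printf("grounded source: %zu bits, stuck=%d\n", r.bits_out, r.stuck);
    return 0;
}
```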


