On Mon, 4 Oct 2010 13:33:00 +0200
Janne Johansson <icepic...@gmail.com> wrote:

> 2010/10/4 Kevin Chadwick <ma1l1i...@yahoo.co.uk>
> 
> > > I do love all this considerations. Just wondering by on earth entropy
> > > doesn't get much attention in a world where people seems so worried
> > > about security and privacy.
> >
> > Do you mean the world in general or the OpenBSD world.
> >
> > I presume you've read the OpenBSD crypto papers that talk about how
> > impossible it is to create a true random generator.
> >
> > First I'd ask how well can anyone prove that the NIST statistical test
> > suite can reliably judge randomness?
> >
> >
> It just tries to prove the opposite. If the data has patterns it can find,
> its not random.
> Proving something is random is insanely much harder.
> 
> -- 
>  To our sweethearts and wives.  May they never meet. -- 19th century toast
> 

Thought about that but surely you'd need a lab to do that well as you'd
need a ridiculous amount of processing power and/or would be helping any
attacker do his job. Plus truly random data could very occasionally
have short lived random patterns. I imagine the current system monitors
the input and output of the entropy pool, which would seem like the
logical thing to do, but I wouldn't know.

If you can improve the current codes info or accuracy, then cool.

Reply via email to