2010/10/4 Kevin Chadwick <ma1l1i...@yahoo.co.uk>

> >Then of course the tiiiny tiiiny problem of defining in code how to
> >_prove_ that the input is random. Proving some input is skewed in one
> >of 123 ways is easy and relatively fast, but proving that the input
> >data will never fail a statistical test is.. Hard.
>
> If a situation is possible where a certain device starts doing a ton of
> work in a highly regular fashion that the entropy gathering code
> doesn't dismiss and so affects the entropy, then I can see this being
> useful, but if that was possible which I doubt, then maybe the entropy
> gathering should be improved.

What I meant was that one can complain that the NIST programs (diehard and dieharder spring to mind) only do certain tests, but that is just because no one can make a short program that _proves_ a certain stream is random. The only thing available seems to be a series of tests against a defined set of properties a random stream shouldn't have, but that list isn't conclusive, nor finished. And it probably never will be. It's just among the best options available right now, and it takes lots of time to run and it can only disprove certain inputs, not prove randomness in the others.

-- To our sweethearts and wives. May they never meet. -- 19th century toast
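
The point made in the message above, as an added example that is not part of the original thread: two tests written after the frequency (monobit) and runs tests of NIST SP 800-22, applied to three constructed, fully predictable bit streams. Each test rejects one stream, and the period-4 stream `0011...` gets a perfect score from both, so a pass only means "not rejected by these tests". The stream names, `verdict` and the 4096-bit length are choices made for this example.

```python
import math

ALPHA = 0.01  # significance level commonly used with NIST SP 800-22

def monobit_p(bits):
    """Frequency (monobit) test: are ones and zeros roughly balanced?"""
    s = sum(1 if b else -1 for b in bits)
    return math.erfc(abs(s) / math.sqrt(len(bits)) / math.sqrt(2))

def runs_p(bits):
    """Runs test: is the number of uninterrupted runs plausible?"""
    n = len(bits)
    pi = sum(bits) / n
    if abs(pi - 0.5) >= 2 / math.sqrt(n):
        return 0.0  # prerequisite frequency check failed
    v = 1 + sum(1 for a, b in zip(bits, bits[1:]) if a != b)
    return math.erfc(abs(v - 2 * n * pi * (1 - pi)) /
                     (2 * math.sqrt(2 * n) * pi * (1 - pi)))

def verdict(bits):
    """Return the name of the first test that rejects the stream, or None."""
    for name, test in (("monobit", monobit_p), ("runs", runs_p)):
        if test(bits) < ALPHA:
            return name
    return None

# Constructed sample streams, 4096 bits each, none of them random.
N = 4096
STREAMS = {
    "all zeros": [0] * N,
    "0101...": [0, 1] * (N // 2),
    "0011...": [0, 0, 1, 1] * (N // 4),
}

if __name__ == "__main__":
    for label, bits in STREAMS.items():
        rejected_by = verdict(bits)
        print(f"{label:10s} monobit p={monobit_p(bits):.3f} "
              f"runs p={runs_p(bits):.3f} -> "
              f"{'rejected by ' + rejected_by if rejected_by else 'not rejected'}")
```

Catching `0011...` takes yet another test (a serial or block-pattern test, for instance), and a stream can then be constructed that passes that one too.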