On Thu, Jul 28, 2016 at 09:08:32AM -0700, John Denker wrote: > > That means the chip design is broken in ways that the manufacturer > does not understand. The mfgr data indicates it "should" be much > better than that: > http://www.fdk.com/cyber-e/pdf/HM-RAE103.pdf
Reading that, you don't seem to have access to the raw entropy and the tests you are doing are meaningless. It really should always give you a perfect score since it should already be at least whitened. I have a feeling that there is at least a misunderstanding of what that draft standard is saying and that it's isn't being followed. But if the tests still give you such a low score something seems to be wrong, which might either be the hardware or software. Have you tried running NIST's software (https://github.com/usnistgov/SP800-90B_EntropyAssessment) yourself? Can you run it in verbose mode and give the results of all the tests it ran? Kurt -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev