Krisztián Pintér <[email protected]> wrote: > [email protected], Saturday, March 22, 2014: > >> The haveged project is an attempt to provide an easy-to-use, >> unpredictable random number generator based upon an adaptation of the >> HAVEGE algorithm. > > here is my personal prediction: havege is either a hoax or bs. either > it will get forgotten, or someone will rip it apart, and show how bs > it is.
It definitely is not a hoax. There are quite a few programs all using the same basic notion of getting entropy from variations in system state. That basic idea looks sound to me, though It isn't clear which of them is best on a given system and I'd say they all need more analysis. Havege is one; the main advantage is that the daemon is already in Debian. One I wrote is at: ftp://ftp.cs.sjtu.edu.cn:990/sandy/maxwell/ The paper there includes some analysis of other choices, including Havege. Another, that I did not know of when I wrote that paper. http://www.chronox.de/jent/doc/CPU-Jitter-NPTRNG.html His papers have impressively extensive testing. There are at least two or three more out there. _______________________________________________ RNG mailing list [email protected] http://lists.bitrot.info/mailman/listinfo/rng
