David Honig writes:
> One of the many uses of nitric acid. Ie, take random samples
I thought this is mostly done by removing the bulk of the package
polymer by grinding, and then subjecting the rest of it to a plasma
etch.
I haven't put a processed wafer into nitric acid yet, but I could
imag
At 04:00 PM 7/30/99 -0700, Eugene Leitl wrote:
>David Honig writes:
>
> > One of the many uses of nitric acid. Ie, take random samples
>
>I thought this is mostly done by removing the bulk of the package
>polymer by grinding, and then subjecting the rest of it to a plasma
>etch.
I believe Marcus
At 03:34 PM 7/29/99 -0700, Eugene Leitl wrote:
>Of course one would have to believe the CPU designer that it is true
>noise, and not pseudorandom.
One of the many uses of nitric acid. Ie, take random samples
apart and look at them. There are commercial places that
will do the lab work for you.
It would seem to be an excellent idea indeed to incorporate a register
which gets filled with fresh entropy (from amplified circuit noise,
for instance) at every clock tick into the CPU directly, particularly
if it is to be used for embedded crypto gadgets.
Of course one would have to believe th
At 2:51 PM -0400 7/28/99, Steven M. Bellovin wrote:
>In message , "Arnold G. Reinhold"
>writes
>> I'd spin it the other way. The best approach to making nonces -- DH
>> exponents, symetric keys, etc -- is to use a true source of randomness.
>> That eliminates
On Wed, 28 Jul 1999, Jon Callas wrote:
> I never directly add in entropy
> deposits. I run a separate entropy pool that is hash-based, and
> periodically tap that pool to update the secondary pool. I get really
> nervous about adding entropy directly into a single pool. I also like to
> capitaliz
In message , "Arnold G. Reinhold" writes
:
>
> I'd spin it the other way. The best approach to making nonces -- DH
> exponents, symetric keys, etc -- is to use a true source of randomness.
> That eliminates one area of risk. However most computers do not co
At 10:49 AM -0400 7/28/99, Arnold G. Reinhold wrote:
I believe the input mechanism Anonymous described *is* the RC4 key setup
mechanism. In any case, I take Anonymous' remarks about the brittle nature
of RC4 very seriously. I wouldn't mess with it just to double the entropy
pool. If y
At 9:45 AM -0700 7/28/99, bram wrote:
>On Tue, 27 Jul 1999, Eugene Leitl wrote:
>
>> So what's the magic with the entropy pool? Because current algorithms
>> don't have enough state, and because the hidden structure of their
>> pseudorandomness starts shining through after a while?
>
>The idea is
On Tue, 27 Jul 1999, Eugene Leitl wrote:
> So what's the magic with the entropy pool? Because current algorithms
> don't have enough state, and because the hidden structure of their
> pseudorandomness starts shining through after a while?
The idea is to make it so that if there is a failure, and
At 3:22 PM -0700 7/27/99, Jon Callas wrote:
>I built a PRNG that used an RC4 variant as John Kelsey said. The thing is
>also actually very Yarrow-like. I modified it later to use a state array
>512 long instead of 256 long, just so it would have a larger entropy pool.
>
>When I added more entropy,
Jon Callas writes:
> I'll also note that the state-loop that Anonymous described can easily be
> detected and corrected. Given that this is a PRNG, not a cipher,
> predictability is not a requirement (although you can algorithmically
> correct in a way that will still make it a cipher).
I do
I built a PRNG that used an RC4 variant as John Kelsey said. The thing is
also actually very Yarrow-like. I modified it later to use a state array
512 long instead of 256 long, just so it would have a larger entropy pool.
When I added more entropy, I added entropy using the same basic algorithm
a
At 12:19 AM -0700 7/27/99, James A. Donald wrote:
>--
>At 08:44 PM 7/26/99 +0200, Anonymous wrote:
>> Even aside from active attacks, there is a possible problem based on
>> the fact that RC4 can "almost" fall into a repeated-state situation.
>> RC4's basic iteration looks like:
>>
>> (1) i +
14 matches
Mail list logo