On Sat, Jul 20, 2013 at 2:57 AM, Peter Bowen wrote:
> On Fri, Jul 19, 2013 at 10:35 PM, Yaron Sheffer wrote:
>> A few months ago I posted a query to the Amazon Web Services (the
>> largest public cloud, running on Xen) forum on whether they're using libvirt
>> for this purpose, and it was never a
On Jul 20, 2013, at 5:59 , "Dean, James" wrote:
> Ø If my 64-bit hardware TRNG can only generate 1% of 64-bit numbers
> (probably because I hacked it), how are you going to discover that anytime
> soon?
>
> Test for more collisions than predicted by the birthday paradox.
Or less collisions
I agree, in theory. But:
1. How many register reads would one need in order to show Birthday
compliance? (It's not the usual "root of the state space", because a single
collision isn't convincing.) These reads tend to be slow, because the
circuit designers generally need to guardband their entropy
Ø If my 64-bit hardware TRNG can only generate 1% of 64-bit numbers (probably
because I hacked it), how are you going to discover that anytime soon?
Test for more collisions than predicted by the birthday paradox.
___
cryptography mailing list
cryptogr
RANDU issues aside, I don't think thermal or even quantum noise is a good
basis upon which to produce a true random number generator. And not because
good noise sources don't exist. But because, in the interest of
trustworthiness, we want to have TRNGs which are as high as possible in the
stack. (L
On Fri, Jul 19, 2013 at 10:35 PM, Yaron Sheffer wrote:
> A few months ago I posted a query to the Amazon Web Services (the
> largest public cloud, running on Xen) forum on whether they're using libvirt
> for this purpose, and it was never answered. Does anybody around here have a
> clue?
Amazon E
A few months ago I posted a query [1] to the Amazon Web Services (the largest
public cloud, running on Xen) forum on whether they're using libvirt for this
purpose, and it was never answered. Does anybody around here have a clue?
Thanks,
Yaron
[1]https://forums.aws.amazon.com/thread.js
On 7/19/2013 3:26 PM, Nico Williams wrote:
The rpi's HW RNG is almost certainly better than many /dev/*random
implementations running as VM guests. How much real business is
getting transacted on VMs nowadays? Probably a lot.
This probably sounds like a plug for my employer, which it isn't, b
On 7/19/2013 10:13 AM, Mahrud S wrote:
Isn't the thermal noise a good enough entropy source? I mean, it's a
$25 computer, you can't expect much of it.
Directly sampled thermal noise entropy sources have proven:
1) Difficult to model mathematically to determine safe value for min
entropy.
2)
Hypervisors like KVM can expose random number generator devices to guests:
http://libvirt.org/formatdomain.html#elementsRng
Funny, because I just noticed KVM's default is /dev/random. If that's
the case, I think a guest could exhaust the entropy pool, cause
/dev/random to block, and stall any othe
2013/7/19 Mahrud S
> Isn't the thermal noise a good enough entropy source? I mean, it's a $25
> computer, you can't expect much of it.
"See, sir, you shouldn't wonder why all your data isn't actually encrypted.
You shouldn't think it's weird that nothing is secure on your pc. And that
everyone
On Fri, Jul 19, 2013 at 4:52 PM, Lodewijk andré de la porte
wrote:
> 2013/7/19 Mahrud S
>> Isn't the thermal noise a good enough entropy source? I mean, it's a $25
>> computer, you can't expect much of it.
>
> "See, sir, you shouldn't wonder why all your data isn't actually encrypted.
> You shoul
Isn't the thermal noise a good enough entropy source? I mean, it's a $25
computer, you can't expect much of it.
On Fri, Jul 19, 2013 at 8:44 AM, David Johnston wrote:
> On 7/19/2013 5:44 AM, Peter Gutmann wrote:
>
>> Eugen Leitl quotes:
>>
>> Just came accross this article, apparently showing
On 7/19/2013 5:44 AM, Peter Gutmann wrote:
Eugen Leitl quotes:
Just came accross this article, apparently showing the bad quality of the
hardware RNG in Raspberri Pi devices.
http://scruss.com/blog/2013/06/07/well-that-was-unexpected-the-raspberry-pis-hardware-random-number-generator/
That s
Eugen Leitl quotes:
>Just came accross this article, apparently showing the bad quality of the
>hardware RNG in Raspberri Pi devices.
>
>http://scruss.com/blog/2013/06/07/well-that-was-unexpected-the-raspberry-pis-hardware-random-number-generator/
That shows the bad quality of RANDU. It shows t
- Forwarded message from KheOps -
Date: Fri, 19 Jul 2013 14:03:23 +0200
From: KheOps
To: "liberationt...@lists.stanford.edu"
Subject: [liberationtech] Random number generator failure in Rasperri Pis?
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130623
Thunderbird/17.0.7
16 matches
Mail list logo