[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

best way to create entropy?

Subject: best way to create entropy?
From: pelzi at pelzi.net (Jussi Peltola)
Date: Fri, 12 Oct 2012 03:43:35 +0300
In-reply-to: <CAHsqw9vBE-St1gXfS23-2DeFRx_jK7w2p8cWNbU0tr230=7cew@mail.gmail.com>
References: <CAH_OBiffdqVmwspu9f2uzr_cqnExuA_sLp=d0QhOxQWzkSgOZA@mail.gmail.com> <CAAAwwbWAoy60NBquCX8TeOcChC8Odpw3mRBAgzkcTSqFAN20wg@mail.gmail.com> <CAHsqw9vBE-St1gXfS23-2DeFRx_jK7w2p8cWNbU0tr230=7cew@mail.gmail.com>

On Thu, Oct 11, 2012 at 05:25:37PM -0700, Jonathan Lassoff wrote:
> Yes, but then you're also introducing a way for an external attacker
> to transmit data that can be mixed into your entropy pool.

XORring predictable data to random data does not yield a predictable
result. /dev/random is world writable so if writing to it causes the
random generator to output something predictable it's a bug that needs
to be fixed. Also, an analog TV receiver will always have some noise that is
not predictable even if you are transmitting a known signal to it.

If you seriously need good entropy for cryptography, I think you will not
ask about it on nanog, and I'd be very wary of cheap hardware RNGs too.

References:
- best way to create entropy?
  - From: ag4ve.us at gmail.com (shawn wilson)
- best way to create entropy?
  - From: mysidia at gmail.com (Jimmy Hess)
- best way to create entropy?
  - From: jof at thejof.com (Jonathan Lassoff)

Prev by Date: best way to create entropy?
Next by Date: best way to create entropy?
Previous by thread: best way to create entropy?
Next by thread: best way to create entropy?
Index(es):
- Date
- Thread