On Mon, 4 Oct 2010 13:33:00 +0200 Janne Johansson <[email protected]> wrote:
> 2010/10/4 Kevin Chadwick <[email protected]> > > > > I do love all this considerations. Just wondering by on earth entropy > > > doesn't get much attention in a world where people seems so worried > > > about security and privacy. > > > > Do you mean the world in general or the OpenBSD world. > > > > I presume you've read the OpenBSD crypto papers that talk about how > > impossible it is to create a true random generator. > > > > First I'd ask how well can anyone prove that the NIST statistical test > > suite can reliably judge randomness? > > > > > It just tries to prove the opposite. If the data has patterns it can find, > its not random. > Proving something is random is insanely much harder. > > -- > To our sweethearts and wives. May they never meet. -- 19th century toast > Thought about that but surely you'd need a lab to do that well as you'd need a ridiculous amount of processing power and/or would be helping any attacker do his job. Plus truly random data could very occasionally have short lived random patterns. I imagine the current system monitors the input and output of the entropy pool, which would seem like the logical thing to do, but I wouldn't know. If you can improve the current codes info or accuracy, then cool.
