Re: strengthening /dev/urandom
From: Ernst Lippe (ernstl-at-planet-dot-nl_at_ignore.this)
Date: 08/31/04
Date: Tue, 31 Aug 2004 14:55:55 +0200
On Tue, 31 Aug 2004 04:09:05 -0700, Guy Macon wrote:

> Yes, we all know what "TRNG" means. TRNG means 100% entropy, just as PRNG
> means zero entropy.

A much better definition IMO is that a TRNG can generate an
unbounded amount of entropy in its outputs, while the output
from a PRNG can only contain a limited amount of entropy.

These definitions avoid several problems. First of all
there are no physical devices that can guarantee 100% entropy.
In all TRNGs that I know, the raw outputs are either non-uniform
or they are not statistically independent. Entropy distillation
on these raw inputs will increase the entropy per output bit,
but from a mathematical point of view it will never be exactly equal
to 100% (the hard problem here is that physical measurements are
never completely independent).

The other problem is that a PRNG can contain some real entropy.
When the PRNG is seeded with an unknown value (e.g. from
a TRNG), its outputs will contain some real entropy. Of course
the total entropy in its outputs can never be greater than the
number of bits in the seed, but still it can be greater than
zero.

Ernst Lippe
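
The two bounds argued in the message above, worked through as an added example that is not part of the original post. Assumptions: `toy_prng` is a hypothetical SHA-256 counter-mode generator, von Neumann debiasing stands in for "entropy distillation", and the source model and its probabilities are constructed.

```python
import hashlib
import math
from collections import Counter

def h2(p):
    """Shannon entropy in bits of one bit that is 1 with probability p."""
    return 0.0 if p in (0.0, 1.0) else -p * math.log2(p) - (1 - p) * math.log2(1 - p)

def toy_prng(seed: int, nbytes: int) -> bytes:
    """Hypothetical PRNG: SHA-256 in counter mode, driven only by the seed."""
    out = b""
    counter = 0
    while len(out) < nbytes:
        out += hashlib.sha256(seed.to_bytes(4, "big") + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:nbytes]

def prng_output_entropy(seed_bits: int, nbytes: int) -> float:
    """Exact entropy (bits) of the whole output when the seed is uniform."""
    n = 2 ** seed_bits
    counts = Counter(toy_prng(s, nbytes) for s in range(n))  # enumerate every seed
    return -sum(c / n * math.log2(c / n) for c in counts.values())

def von_neumann_entropy(p, q0, q1):
    """Raw pair (b1, b2): P(b1=1)=p, P(b2=1|b1=0)=q0, P(b2=1|b1=1)=q1.
    Pairs are independent of each other; 01 -> 0, 10 -> 1, 00/11 are dropped.
    Returns (raw entropy per input bit, entropy per distilled output bit)."""
    raw = (h2(p) + (1 - p) * h2(q0) + p * h2(q1)) / 2
    p01, p10 = (1 - p) * q0, p * (1 - q1)
    return raw, h2(p10 / (p01 + p10))

if __name__ == "__main__":
    # PRNG: however long the output, its entropy stays at or below the seed size.
    for nbytes in (1, 4, 64, 4096):
        print(f"8-bit seed, {nbytes * 8:6d} output bits: "
              f"{prng_output_entropy(8, nbytes):.3f} bits of entropy")
    # Distillation: reaches 1 bit per bit only if the raw bits are independent.
    for label, args in (("independent, biased", (0.7, 0.7, 0.7)),
                        ("dependent within pair", (0.7, 0.6, 0.8))):
        raw, out = von_neumann_entropy(*args)
        print(f"{label}: raw {raw:.4f} -> distilled {out:.4f} bits per bit")
```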