cryptoanarchy.wiki

Arise, you have nothing to lose but your barbed wire fences!

1996-03-29 - Re: Random Number Testing

Header Data

From: “Deranged Mutant” <WlkngOwl@UNiX.asb.com>
To: Jeff Barber <jeffb@sware.com>
Message Hash: 8f0995dc56af40950ac9e39af16bf6664bc81f93e37c00cb76182fde129dd5dd
Message ID: <199603291150.GAA16425@unix.asb.com>
Reply To: N/A
UTC Datetime: 1996-03-29 17:45:01 UTC
Raw Date: Sat, 30 Mar 1996 01:45:01 +0800

Raw message

From: "Deranged Mutant" <WlkngOwl@UNiX.asb.com>
Date: Sat, 30 Mar 1996 01:45:01 +0800
To: Jeff Barber <jeffb@sware.com>
Subject: Re: Random Number Testing
Message-ID: <199603291150.GAA16425@unix.asb.com>
MIME-Version: 1.0
Content-Type: text/plain


On 28 Mar 96 at 15:32, Jeff Barber wrote:
[..]
> Here's the bottom line to this discussion.  Tests that various people on
> and off this list have run show some evidence that there *is* "entropy"
> to be derived from loop timings (well, actually from a combination of
> clock-related, OS-related, and other peripheral-related activities that
> cause variations in loop timings).
[..]
> But, IMO, they qualify as software-only because the interface to the
> hardware is indirect and, at least potentially, non-system-specific.

I disagree.  The methods of timing (how to sample a specific timer) 
and the various interactions  that generate the entropy *are* system 
specific.  Code written for Suns won't work on PCs or Amigas or Macs, 
etc.  The implementation would probably be better if it were built 
into the OS, which rules out Win95, DOS, OS/2, Macs, etc. (unless the 
companies decide to add such a feature...)

> This leaves several questions that may be of interest to cypherpunks:
> 
> -	Is this apparent entropy really *unpredictable* (the most useful
> 	definition of "random" for cryptographic purposes)?

Good question. You'd need to look for patterns.  Barring none, you'd 
have to guess the factors that lead to the entropy, and then see if 
there's a way to reverse-engineer it. (Perhaps use a stripped down 
system and build it up, or disable some of the hardware and OS 
features etc.)

> -	Is there any way to harvest this entropy in a way that is safe to
> 	use for cryptographic purposes?
> 
> -	If so, how much of this "apparent entropy" needs to be collected
> 	in order to get a given quantity of "true entropy"?

Another question: how do you estimate entropy?
 
[..]


 
Rob. 

---
Send a blank message with the subject "send pgp-key" (not in
quotes) to <WlkngOwl@unix.asb.com> for a copy of my PGP key.

Thread