[11202] in cryptography@c2.net mail archive
Re: building a true RNG (was: Quantum Computing ...)
daemon@ATHENA.MIT.EDU (Joseph Ashwood)
Wed Jul 24 11:34:05 2002
From: "Joseph Ashwood" <ashwood@msn.com>
To: "Eugen Leitl" <eugen@leitl.org>, "David Honig" <dahonig@cox.net>
Cc: "John S. Denker" <jsd@monmouth.com>, <amir@herzberg.name>,
"'Hannes R. Boehm'" <hannes@boehm.org>,
"'Ian Hill'" <Ian@Protonic.com>, <cryptography@wasabisystems.com>
Date: Tue, 23 Jul 2002 14:06:40 -0700
----- Original Message -----
From: "Eugen Leitl" <eugen@leitl.org>
Subject: Re: building a true RNG (was: Quantum Computing ...)
> I've got a framegrabber with a 640x480 24 bit/pixel camera. It doesn't
> compress, is rather noisy, and since self-adjusting I get the maximum
> entropy at maximum darkness.
> Is there any point in compressing the video before running it through a
> cryptohash?
It will not serve a cryptographic use, however if you can find a fast enough
truly lossless compressor it can be very useful. Since I assume you'll be
taking a picture purely in the dark a usable compressor would be (please
pardon the severely abused pseudo-code)
    SHA1 pool

    on_pixel
    {
        if pixel is not black
            SHA1_update(pool, pixel, pixel coordinates);
    }

    get_random()
    {
        SHA1 temp
        SHA1_update(pool, "1")
        temp = SHA1_duplicate(pool)
        return SHA1_finalize(temp)
    }
> How does e.g. SHA-1 fare with very sparse bitvectors?
It is believed to fare quite well, and considering that the line for proper
entropy distillation is actually well below the line for cryptographic
security SHA-1 is likely to remain very good for this purpose. If you are
more concerned about speed than maximum entropy containment (or require less
than 128-bits of entropy) you might also consider MD5. If you are extremely
concerned about this (and are willing to lose a few other desirable
behaviors) it is possible to use a block cipher, basically in CBC mode, to
accumulate entropy, this has the advantage that under some reduced
assumptions it is possible to compute the maximal entropy of the state at a
given time.
Joe
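The pool sketched in the pseudo-code above, written out as an added Python example (not part of the original message). The frame layout (a flat list of (r, g, b) tuples), the fixed-width record encoding, and the names DarkFramePool, add_frame and constructed_frame are assumptions made for the illustration.

```python
import hashlib
import struct


class DarkFramePool:
    """Running SHA-1 pool fed only by non-black pixels (illustrative names)."""

    def __init__(self):
        self._pool = hashlib.sha1()

    def add_frame(self, frame, width, black=(0, 0, 0)):
        """Mix one frame into the pool; return how many pixels were mixed in."""
        mixed = 0
        for i, pixel in enumerate(frame):
            if pixel == black:
                continue  # skipping black pixels is the "compression" step
            x, y = i % width, i // width
            # Assumption: fixed-width big-endian record (x, y, r, g, b) so
            # consecutive records cannot be parsed ambiguously.
            self._pool.update(struct.pack(">HHBBB", x, y, *pixel))
            mixed += 1
        return mixed

    def get_random(self):
        """Return 20 bytes derived from everything mixed in so far."""
        # Stir the pool so two calls with no new pixels still differ.
        self._pool.update(b"1")
        # Finalize a duplicate; the running pool keeps accumulating.
        return self._pool.copy().digest()


def constructed_frame(width, height, noisy):
    """Build a constructed all-black test frame with a few noisy pixels.

    noisy maps (x, y) -> (r, g, b); this is sample input, not camera data.
    """
    frame = [(0, 0, 0)] * (width * height)
    for (x, y), rgb in noisy.items():
        frame[y * width + x] = rgb
    return frame


if __name__ == "__main__":
    pool = DarkFramePool()
    frame = constructed_frame(640, 480, {(12, 7): (3, 0, 1), (600, 479): (0, 2, 0)})
    print(pool.add_frame(frame, 640), "pixels mixed in")
    print(pool.get_random().hex())
```

The digest is always 160 bits long no matter how little noise went in, so the count returned by add_frame is the only hint of how much input the pool has actually seen; a caller should not draw output before enough noisy pixels have been mixed in.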