[149238] in cryptography@c2.net mail archive
Re: [Cryptography] cheap sources of entropy
daemon@ATHENA.MIT.EDU (Jon Callas)
Mon Jan 27 16:23:51 2014
X-Original-To: cryptography@metzdowd.com
From: Jon Callas <jon@callas.org>
In-Reply-To: <003701cf157b$863e1510$92ba3f30$@huitema.net>
Date: Mon, 27 Jan 2014 13:14:00 -0800
To: Christian Huitema <huitema@huitema.net>
Cc: Cryptography <cryptography@metzdowd.com>, Jon Callas <jon@callas.org>,
Bill Frantz <frantz@pwpconsult.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Jan 19, 2014, at 5:04 PM, Christian Huitema <huitema@huitema.net> wrote:
> The key here is to trust that the camera is not somehow subverted and does
> not feed a "pseudo random" set of bits, just like any hardware that has been
> modified. But then, if the camera truly delivers the pixels that it sees, I
> wonder why I would rely specifically on pointing at a grey card. Simply
> pointing at a landscape or an interior scene will probably provide just as
> much entropy. Minute differences in the location and orientation of the
> camera will cause pixels to shift. In a handheld device like a cell phone,
> we can ask the user to take a series of pictures while randomly moving the
> phone. Hashing the images will certainly deliver some pretty good input to
> the entropy bucket.
Sure, whatever.
Let me get down to brass tacks. Apologies for the minor handwave to make my point:
Assume a frame F_i taken from the camera. If the attacker cannot guess the *exact* contents of that frame, even with filters, in-camera JPEG, etc. with an advantage over guessing flips of a fair coin, then it's got one bit of entropy.
So take 512 frames and hash them. Poof you're done.
Extrapolate from there to the case of a frame having N bits of entropy.
Jon
-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 3.2.0 (Build 1672)
Charset: us-ascii
wj8DBQFS5swfsTedWZOD3gYRAhjbAKDhp4bkSnYOz3aJQdPW85ERRSqtTACfVhE7
hyMrC24ttWbF8KUGeF7yI9U=
=suqA
-----END PGP SIGNATURE-----
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
