[4085] in cryptography@c2.net mail archive

home help back first fref pref prev next nref lref last post

Re: Intel announcements at RSA '99

daemon@ATHENA.MIT.EDU (David R. Conrad)
Thu Jan 28 14:12:21 1999

Date: Thu, 28 Jan 1999 13:13:10 -0500 (EST)
From: "David R. Conrad" <drc@adni.net>
To: "Arnold G. Reinhold" <reinhold@world.std.com>
Cc: cryptography@c2.net
In-Reply-To: <v03130304b2d3ea6bd25b@[24.128.119.92]>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 26 Jan 1999, Arnold G. Reinhold wrote:

> I do not agree, however, that 1 bit per second would be fast enough. I am
> not sure what you mean by " Anything more can be generated by cryptographic
> means," but I want a reliable source of entropy that is independent of the
> many unproven mathematical assumptions underlying cryptography.  Also we
> should not assume that we foresee all possible uses for this source of
> randomness. For example, people doing analysis using Monte Carlo methods
> might have use for a fast source of near-random bits that could be easily
> whitened in software.

People doing Monte Carlo methods would be more than adequately served by
using the kind of PRNGs they currently use, seeded by 32 or 64 truly
random bits from this thing, no?

People doing serious cryptography also need small chunks of bits --
perhaps a random 64-bit IV, maybe a 112- or 128- or 160- or 192-bit random
session key, or a random starting point to look for some big primes.

A driver Yarrowing[1] bits from this true RNG at 1/s, running on a system
with, say, a 30 day uptime, would have collected 2,592,000 bits of entropy
over its lifetime.  (From the chip, assuming it gets a bit each second.
It may not get every bit the chip has available, but it would certainly
get some entropy from other places as well.)

Perhaps you don't want to trust any software at all.  But surely you
intend to do some whitening of the underlying bitstream?  In part of your
message which I cut you clearly foresaw that the bitstream wouldn't have a
flat distribution of 0s and 1s, which means it needs some whitening.
Using SHA-1, perhaps?  But now we're back to the "many unproven
mathematical assumptions underlying cryptography".

[1] You can verb any word in the English language.  :-)

David R. Conrad <drc@adni.net>
This is why I love America -- that any kid can dream "I'm going to get
naked with the President" ... and that dream can actually come true.
What a great country!  -- Michael Moore

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
Charset: noconv

iQA/AwUBNrCo0IPOYu8Zk+GuEQI/ugCdEQr5booqaZJ3yrYWnDzBK4ARPVAAoMy8
Bje/THja+sKG6sY0wlEo3mu1
=CWku
-----END PGP SIGNATURE-----
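Added illustration, not part of this message or the thread: the entropy arithmetic in the reply and the whitening question, in Python. A constructed biased bit source stands in for the hardware RNG; `bit_entropy` and `seconds_to_collect` show how a skewed 0/1 distribution stretches the wait at 1 bit/s, `whiten_sha1` is the SHA-1 folding the reply alludes to, and `von_neumann` is a debiaser that needs no cryptographic assumption (my addition; the thread does not mention it). All function names and the 0.7 bias are assumptions.

```python
import hashlib
import math
import random


def bit_entropy(p_one):
    """Shannon entropy (bits) of one raw bit from a source that emits 1 with probability p_one."""
    if p_one <= 0.0 or p_one >= 1.0:
        return 0.0
    return -(p_one * math.log2(p_one) + (1 - p_one) * math.log2(1 - p_one))


def lifetime_bits(days, bits_per_second=1.0):
    """Raw bits a driver sampling at bits_per_second gathers over `days` of uptime (30 days -> 2,592,000)."""
    return int(days * 86400 * bits_per_second)


def seconds_to_collect(target_bits, p_one, bits_per_second=1.0):
    """Seconds needed to accumulate target_bits of entropy when each raw bit is biased toward 1 with p_one."""
    return math.ceil(target_bits / (bit_entropy(p_one) * bits_per_second))


def biased_source(n, p_one, seed=1):
    """Constructed stand-in for the chip: independent bits, each 1 with probability p_one (not real hardware)."""
    rng = random.Random(seed)
    return [1 if rng.random() < p_one else 0 for _ in range(n)]


def whiten_sha1(raw_bits):
    """Hash-whitening as the reply suggests: fold raw bits through SHA-1 into 160 output bits.
    Sound only if raw_bits carries at least 160 bits of entropy; relies on SHA-1's assumed properties."""
    packed = int("".join(str(b) for b in raw_bits), 2).to_bytes((len(raw_bits) + 7) // 8, "big")
    return hashlib.sha1(packed).digest()


def von_neumann(raw_bits):
    """Assumption-free debiaser: pairs 01 -> 0, 10 -> 1, 00 and 11 are discarded.
    Output is unbiased whenever raw bits are independent with a fixed (unknown) bias."""
    out = []
    for a, b in zip(raw_bits[0::2], raw_bits[1::2]):
        if a != b:
            out.append(a)
    return out


if __name__ == "__main__":
    raw = biased_source(20000, 0.7)
    print("raw ones ratio", sum(raw) / len(raw))
    print("von Neumann ones ratio", sum(von_neumann(raw)) / len(von_neumann(raw)))
    print("seconds for a 128-bit key at 1 bit/s, bias 0.7:", seconds_to_collect(128, 0.7))
```

At a 0.7 bias the debiaser keeps roughly 42% of the raw bits, so the chip's raw rate overstates what reaches the pool either way.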