[onerng talk] review of RNGs
Paul Campbell
paul at taniwha.com
Mon Jul 6 22:57:44 BST 2015
I'm sort of in 2 minds about applying this to OneRNG since we've been pushing
OneRNG as an entropy source to be used in conjunction with a proper crypto
PRNG for creating random numbers - we do OK on dieharder and ent but that was
never our goal, and not what we should be (totally) judged on. I've put more
effort into throughput, delivering lots of entropy fast.
I'd suggest that OneRNG be tested 2 ways - on the raw data (I've published ent
and dieharder results) and on output from /dev/random (what we really aim to
do of course is increase the throughput of /dev/random by stoking it with
entropy)
I do have some issues with the use of ent for measuring entropy, I can't
comment on its other numbers - I can easily modify ent's entropy output by
very simple whitening (CRC16 in my case), operations that don't change the
total entropy of the incoming bitstream - in short I think it's easily fooled
and its output should be taken with an appropriate grain of salt
Paul
More information about the Discuss
mailing list