OneRNG as a RNG vs entropy generator
phred53
phred53 at hotmail.com
Sat Jun 27 04:22:08 BST 2015
Hi Paul,
Over in the OneRNG KickStarter Comments you said:
"I do want to caution people about worrying too much about OneRNG as a random number generator (sadly we chose the cute device name) rather than as it's primary purpose: an entropy generator - we expect you to take the output and feed it into the kernel RNG (or some other cryptographically appropriate software RNG) before use - however we also think it's important to give people access to the raw RNG output so you can independently test it - you shouldn't just trust us"
Could you elaborate a bit more on the subject of using captured OneRNG as a _source_ of random numbers, pitfalls of doing so and specifically cryptographically why that wouldn't be sound?
Thanks Paul,
Phred
More information about the Discuss
mailing list