[onerng talk] Blinking LED
Paul Campbell
paul at taniwha.com
Thu Jun 18 02:47:17 BST 2015
On Thu, 18 Jun 2015 11:37:08 James Cameron wrote:
>I think I see what you mean. There is an accumulation, but there's an
>averaging as well. An incrementing counter tracks test failures. The
>counter is decremented every 1000 test successes. A time averaging
>filter that is very sensitive to short term failures.
>25 failures are needed at a rate exceeding one per 1000 tests, but
>they need not be consecutive; they can be spread among 25000 tests.
yes that's the thing the failures are random, sometimes they are close
together
remember we're not trying to create a good RNG, that's more of a side effect,
what we're really trying to make is good entropy which is subtly different
thing
> > We've talked about creating an option that runs OneRNG data through
> > OpenSSL AES (with a fixed key) to further whiten the incoming data -
> > you might want to try this and see if it solves your problem
>
> Don't like the complexity. I'd be more inclined to increase
> MAX_RNG_FAILURES (25) or decrease RNG_OK_CREDIT (1000), or rewrite the
> filter.
I think that's a great idea .... for you.
It doesn't solve the problem for people who just want to do a simple install
today - I think I'll probably do that this weekend - but I'll also add an
entry in /etc/onerng.conf that lets you choose to turn it off
Paul
More information about the Discuss
mailing list