<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Sun, Jul 12, 2015 at 9:37 PM, Philipp Gühring <span dir="ltr"><<a href="mailto:pg@futureware.at" target="_blank">pg@futureware.at</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">> > Yes, oddly enough things I think OneRNG is good at:<br>
> > * Entropy Sources (e.g. Avalanche/RF)<br>
<br>
</span>Hmm, Multiple-Multiple Choice? Or a free text-field?</blockquote><div><br></div><div>Free text-field should be good enough.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class=""><br>
> > ** Configurable by user (i.e. choose which sources to use)<br>
<br>
<br>
> > * Raw output available (i.e. mode with no whitening)<br>
<br>
</span>In that case, 2 submissions, one for the raw output and one for the<br>
filtered output might be a good idea.</blockquote><div><br></div><div>This would make the submissions far more interesting, especially if the data were made available for analysis.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class=""><br>
> > ** Whitening method (e.g. CRC16, AES)<br>
<br>
</span>von-Neumann filter. Again, multiple-multiple choice of freetext?</blockquote><div><br></div><div>This probably should be free text. There are too many possible options.</div><div><br></div><div>How to auto-analyze the raw data is an interesting problem. Reporting ent's guess of entropy/bit and 1/0 bias might be good. Pass/no-pass on diehard tests would tell us if the "raw" data were actually raw. "Passing" the diehard tests with raw data should be severe cause for concern.</div><div><br></div><div>Another interesting stat might be raw bits/second generated. It is important to know what the TRNG is doing with the raw data. If the raw data is not very random, yet the output whitened bits are generated at the same rate (or faster) than the raw bits, that's another red flag.</div><div><br></div><div>It might be interesting to allow TRNG builders to upload custom entropy/bit estimators to give more accurate (meaning lower) estimates of entropy/byte than ent. For example, my Infinite Noise TRNG is modeled as having 2 states (which correspond to the 2 hold caps). One state is generated from the other + noise every clock cycle. In ideal operation you can filter out most of the non-randomness using an N-bit predictor that estimates the probability of seeing a 1 given N prior bits. I use 2 predictors, one for even and one for odd bits, because they are generated by the two different switched-cap circuits in an alternating pattern.</div><div><br></div><div>With this predictor, I am able to detect that the actual entropy/byte is 15% lower than reported by the ent program. I am also able to verify that the circuit is operating at the expected entropy generation rate, and stop output if the operation is either too unpredictable, or not predictable enough. I allow +/- 3% variation from ideal operation. It would be interesting to run similar analysis on other raw data sets from different TRNGs.</div><div><br></div><div>Bill</div></div></div></div>