LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for June 20, 2013

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

bogus random entropy sources

bogus random entropy sources

Posted Oct 5, 2010 19:10 UTC (Tue) by jzbiciak (✭ supporter ✭, #5246)
In reply to: bogus random entropy sources by ejr
Parent article: Solid-state storage devices and the block layer

VIA's approach on the C3 doesn't sound too unwieldy. This white paper analyzing the generator's output makes for an informative read. The punch line is that it looks like a pretty reasonable source of entropy as long as you do appropriate post processing. The random numbers it generates aren't caveat free, but they're heckuva lot better than disk seeks and keypresses.

(Log in to post comments)

bogus random entropy sources

Posted Oct 6, 2010 8:40 UTC (Wed) by pcampe (guest, #28223) [Link]

I don't understand why they didn't follow the guidelines in NIST Standard 800-22 (rev 1a), "A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications".

bogus random entropy sources

Posted Oct 6, 2010 13:56 UTC (Wed) by jzbiciak (✭ supporter ✭, #5246) [Link]

Probably because they didn't have a time machine. ;-) The document you reference was written this year. The white paper I reference was written in 2003. And if you meant Rev 1, that didn't come out until 2008.

Maybe you meant the original 800-22? That one came out in 2001.

(Dates came from here.)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds