|
|
|
|
|
|
by zokier
4641 days ago
|
|
|
> Also, usually HW RNGs include a firmware module that is constantly monitoring the entropy output and shutting off the generator in case of it sinking below a certain threshold to detect hardware failure and prevent it from causing predictable output. This sentence reminded me of the recent revelation of some smartcards: http://arstechnica.com/security/2013/09/fatal-crypto-flaw-in... Afaik the failure was exactly that there was insufficient HW failure detection. edit: > Even worse, the firmware includes a line of code that ensures that the "RNG" never outputs the same "random" number twice in a row. Also this reminds me of another anecdote. In math/stats class teacher told us of a experiment where two people were to write a 100 digit random sequence of 0s and 1s on a paper. One person was to use a coin flip, an the other was to just make the bits up. Then the person administering the experiment would take the sequences and guess which one was true random (coin flipped) and which one was human-generated. The trick being that humans tend to avoid repetition, and the one with (iirc) 6 consecutive 0s or 1s was most likely true random. |
|
|