[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: One-Time-Pad generation from audio device
On Mon, 2 Oct 1995, Yih-Chun Hu wrote:
> I wouldn't bet on it. I did a similar hack with perl, with a much more
> conservative 5 seconds to 32 bytes. That didn't cut it, when I ent'ed the
> result it gave 6 bits of entropy / 8 bits of output.
How did you measure the entropy of the output ?
> Um.. I would try to generate bits quickly, then securely, so for example
> you get a 2k buffer and do it 5 sec / 128 bits. Then slow down and overwrite
> the buffer and give warnings if the user wants to use the bits too early.
Ah, well the idea is that they can just generate a OTP when they have a
few spare hours, not that they'd be generating it in real-time. The
Privtool code does use realtime generation of random numbers, but it has
a lot of input data other than the audio (e.g. mouse movements, MD5