On Mon, Jul 27, 2015 at 7:01 AM, Stephan Mueller <smueller@xxxxxxxxxx> wrote: > This one does not look good for a claim that the RNG produces white noise. An > RNG that is wired up to /dev/hwrng should produce white noise. Either by > having an appropriate noise source or by conditioning the output of the noise > source. Yes. > When conditioning the output, you have to be careful about the entropy claim. A very good analysis of how to deal with this is in Denker's Turbid paper: http://www.av8n.com/turbid/ In particular, see section 4.2 on Saturation > However, the hwrandom framework does not provide any conditioning logic. At first sight, this sounds like a blunder to me, but I have not looked at hwrandom at all. Is there a rationale? For example, not building conditioning into that driver would make perfect sense if the output were just being fed into the random(4) which does plenty of mixing. The only problem then would be to make sure of giving random(4) reasonable entropy estimates. -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
