[19884] in cryptography@c2.net mail archive
Re: EDP (entropy distribution protocol), userland PRNG design
daemon@ATHENA.MIT.EDU (Bill Stewart)
Wed Feb 8 11:16:40 2006
X-Original-To: cryptography@metzdowd.com
Date: Sat, 04 Feb 2006 23:04:41 -0800
To: "Travis H." <solinym@gmail.com>
From: Bill Stewart <bill.stewart@pobox.com>
Cc: cryptography@metzdowd.com
In-Reply-To: <d4f1333a0602040101icf6da59q4ff1a0bc9dcf2888@mail.gmail.com>

At 01:01 AM 2/4/2006, Travis H. wrote:
>Assume further that it is not cost-effective to furnish each with a
>HWRNG, even one as inexpensive as a sound card (for example, they may
>not have a spare slot on the motherboard nor built-in sound).
>...
>Suppose that /dev/random is too slow (SHA-1 was never meant to
>generate a lot of output) because one of these machines wishes to
>generate a large file for use as a one-time pad*.

One-time pads are expensive protocols to use properly -
the operational costs of generating easily-disposable media,
putting couriers with briefcases handcuffed to their arms onto airplanes,
shredder costs when trashing the CD/DVD/etc., /dev/thermite for the PCs,
and all the other things that you need to do for a real OTP threat model
add up to real money after a while.
If you can afford that, you can afford to spend $100 for an
external sound card or USB hardware random generator dongle or whatever
or a PC case with more slots in it.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com