[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Python Random Number Generator for OTP



On Tue, Jul 23, 2013 at 03:24:39PM -0700, Bill Stewart wrote:
> >> >  Why not use /dev/random, instead of "ensuring you have entropy"
> >> /dev/random limits the output size to the estimated entropy. So
> >it has abysmal performance unless there are high performance
> >entropy sources available.
> 
> This is for a one-time pad.  Limiting the output size to the
> estimated entropy is a *requirement*.  Abysmal performance is fine,
> because you're going to transfer the pad using a briefcase
> handcuffed to a courier's arm or some similarly high-cost
> high-latency physical distribution method, though if you've got a
> higher-performance entropy source, great.

My /dev/random generates a few hundred kilobytes a day.  I exchange OTPs
on a SD card to a friend sitting across the table.  I need to be able to
make a bigger pad than allowed by the horrifically overly conservative
entropy estimates provided by /dev/random.

-andy