[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

best way to create entropy?

On Thu, Oct 11, 2012 at 05:25:37PM -0700, Jonathan Lassoff wrote:
> Yes, but then you're also introducing a way for an external attacker
> to transmit data that can be mixed into your entropy pool.
XORring predictable data to random data does not yield a predictable
result. /dev/random is world writable so if writing to it causes the
random generator to output something predictable it's a bug that needs
to be fixed. Also, an analog TV receiver will always have some noise that is
not predictable even if you are transmitting a known signal to it.

If you seriously need good entropy for cryptography, I think you will not
ask about it on nanog, and I'd be very wary of cheap hardware RNGs too.