August 27, 2016 at 6:10 pm #1820
(I know this isn’t about the TrueRNGPro hardware specifically, but I’m wondering about the topic of using TRNGs for improving [CSP|P]RNGs.)
I was wondering if there were any suggestions or recommendations around using the device to improve software RNGs.
- Linux’s random device can be seeded with more entropy, I know – no clue if we can do the same in Windows
- If we use TRNG to generate keys for PRNG algorithms, I think it’s “better”, but I don’t know precisely what that means.
In one case (best case?), we just use the TRNG directly and get unpredictable random data.
But perhaps we are using TRNG to affect/improve software PRNG algorithms, just as a theoretical question. (Practical use: perhaps the TRNG isn’t generating bits fast enough. Maybe we need 100x or 1Mx bits for some reason. Not that I have this problem…)
Is there a recommended method? Any interesting “better” or “worse” ways to do this? Any interesting discussion to be had?
Here’s what I’ve got so far, would love input:
- Brute force: every time we’ve gathered N TRNG bits, we could completely reset the PRNG state data. Essentially, create a new PRNG whenever we get enough bits.
- Salting bits directly: when we get a few bits, we XOR them into the PRNG algorithm’s state, either randomly or incrementally rolling through all the state data. (Easy for custom implemented algorithms, maybe harder if using system/library?)
- Salting bits w/ transform: when we get a few bits, hash them using some algorithm like SHA and use the resulting hash to XOR against the PRNG algorithm’s state.
- Are there any other interesting actions to take along these lines?
- Any recommendations for, against, or better methods of doing the above?
- Any preference to “partially salting” PRNG more frequently rather than “completely resetting state” of PRNG less frequently once “enough” bits come in? Of course, in reality we’re talking fractions of a second either way.
- Any reason one wouldn’t just use TRNG bits directly other than increasing bitrate via software?
- Any security issues with TRNG attached to local server that would make transforming bits via hash or PRNG a preferred way to use them?
I’m mostly asking because I’m new to TRNG and excited about my new hardware, and wondering what the usage cases in general and for me could be beyond just cool playing with it.
I’ve been searching around the web and reading this or that interesting looking article, but if you’ve got recommended reading I’d certainly love the links.
August 27, 2016 at 7:32 pm #1823
April 27, 2017 at 4:56 am #2079
AES/Blowfish the data and inject merged (securely)
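Added example, not part of any post in this thread: the "salting bits w/ transform" idea from the original question, done with the HMAC-DRBG construction from NIST SP 800-90A (SHA-256) instead of a raw XOR into PRNG state. The class name, the `demo` helper and the byte strings are constructed for illustration; bytes read from a real TRNG would take their place.

```python
import hashlib
import hmac


class HmacDrbg:
    """Core of HMAC-DRBG (SHA-256) as described in NIST SP 800-90A."""

    def __init__(self, seed: bytes):
        self.key = b"\x00" * 32
        self.value = b"\x01" * 32
        self._update(seed)

    @staticmethod
    def _hmac(key: bytes, data: bytes) -> bytes:
        return hmac.new(key, data, hashlib.sha256).digest()

    def _update(self, data: bytes = b"") -> None:
        # New input is absorbed through HMAC, never XORed raw into the state.
        self.key = self._hmac(self.key, self.value + b"\x00" + data)
        self.value = self._hmac(self.key, self.value)
        if data:
            self.key = self._hmac(self.key, self.value + b"\x01" + data)
            self.value = self._hmac(self.key, self.value)

    def reseed(self, trng_bytes: bytes) -> None:
        # Fresh TRNG bytes are mixed with the existing state, not swapped in
        # for it, so the result is no weaker than the better of the two.
        self._update(trng_bytes)

    def generate(self, n: int) -> bytes:
        out = b""
        while len(out) < n:
            self.value = self._hmac(self.key, self.value)
            out += self.value
        # Step the state so a later state leak does not reveal earlier output.
        self._update()
        return out[:n]


def demo():
    seed = bytes(range(32))        # constructed stand-in for initial TRNG bytes
    fresh = bytes(range(32, 64))   # constructed stand-in for later TRNG bytes
    a, b = HmacDrbg(seed), HmacDrbg(seed)
    same_before = a.generate(64) == b.generate(64)
    a.reseed(fresh)
    differ_after = a.generate(64) != b.generate(64)
    return same_before, differ_after
```

A few hundred TRNG bits per reseed can back a much larger volume of output this way, which covers the "TRNG isn't generating bits fast enough" case from the question.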