Re: entropy masking (was Re: Multiple spinners as sources of entropy?)

In a message dated 96-03-13 18:35:51 EST, Matt Blaze writes:
I would go even further than this. I wouldn't trust ANY environmentally-based random source (cycle spinner, keyboard timer, disk noise, whatever) against adversaries on the same system.
In DOS, the keyboard, mouse, and disk drives run on interrupts, not timers. If you use a timer as a spinner, such as the Windows GetCurrentTime() function, (I MSec. resolution) and check its value each time a key is pressed and released, It would appear that the results should be quite random, because the keystroke is not processed in conjunction with the timer, but rather whenever the interrupt occurs. My tests in this area indicate that any 8 bit value can be achieved with this method, with a fairly uniform distribution. My tests are not thorough (I haven't sat down and typed for 2 hours to test the distribution of the output), but results look reasonably good so far. Jonathan Wienke

On Wed, 13 Mar 1996 23:47:58 -0500, you wrote:
In DOS, the keyboard, mouse, and disk drives run on interrupts, not timers. If you use a timer as a spinner, such as the Windows GetCurrentTime() function, (I MSec. resolution) and check its value each time a key is pressed
[...] I'd also recommend using mouse clicks. I think that most windows users (going from personal experience) spend much more time clicking through messages than typingon the keyboard. A combination of several events should provide 'even better' randomness. Brian ------- <blane@aa.net> -------------------- <http://www.aa.net/~blane> ------- Embedded Systems Programmer, EET Student, Interactive Fiction author (RSN!) ============== 11 99 3D DB 63 4D 0B 22 15 DC 5A 12 71 DE EE 36 ============
participants (2)
-
blane@aa.net
-
JonWienke@aol.com