On Thu, Oct 17, 2013 at 2:29 AM, Eugen Leitl <eugen@leitl.org> wrote:
If we had good PRNGs everywhere, with lots of trustable physical entropy stirred in then nobody would care about talking about these. It would be boring, since a solved problem.
Now show me a cryptographic-quality PRNG with a few MBytes of internal state. Best, a whole robust family of them. See? That's some quality trolling, right there.
Problem is, apparently no one is solving it, so round and round it goes... physical entropy, rdrand, reboot state, PRNG code. I'd guess that with good sources, today's PRNG code is sufficiently strong and at least some Unix systems do save state across reboot. Now if someone would just sell a completely open discrete logic serial port hw entropy source for under $50... that would end a lot of the talk. Even with a more costly radiation source rather than other phenomena you'd still likely make good profit in quantity from China at that price. Sell other/cheaper/slower phenomena for a little less and make even more profit. Seal some up in a pretty wrapper and call it the corporate version for $1500.