why does RAND_add() take "randomness" as a "double"?
Dennis Clarke
dclarke at blastwave.org
Wed May 22 17:32:51 UTC 2019
> Good options inspired by other cryptographic libraries include:
>
> - Number of bits of entropy passed in call (For example, a
> perfectly balanced coin flipper could provide the 4 byte
> values "head" or "tail" with an entropy of 1 bit).
Let's drop the coin flipper. It was an off hand remark and by now we
all know there ain't no such thing as a good coin flip for rng.
See Professor Persi Diaconis at Stanford for that :
https://www.youtube.com/watch?v=AYnJv68T3MM
Bell's theorem and kolmogorov aside get a radiation decay source as
that is really the *only* real rng that we know of.
Or that I know of. http://www.fourmilab.ch/hotbits/hardware.html
--
Dennis Clarke
RISC-V/SPARC/PPC/ARM/CISC
UNIX and Linux spoken
GreyBeard and suspenders optional
ps: see "futility of foresight"
More information about the openssl-users
mailing list