Message-ID: <20140901211740.GG12888@brightrain.aerifal.cx>
Date: Mon, 1 Sep 2014 17:17:40 -0400
From: Rich Felker <dalias@...c.org>
To: discussions@...sword-hashing.net
Subject: Re: [PHC] friendly warning about randomness tests

On Mon, Sep 01, 2014 at 10:59:28PM +0200, Krisztián Pintér wrote:
>
> the diehard, testu01, dieharder, etc test suites are not cryptographic
> tools. failing these tests is a clear break, and at least calls for
> another postprocessing step (together with an assessment of actual
> entropy content of the raw output). however, passing such tests means
> exactly nothing in crypto context.

For reference with regard to how meaningless these tests are, a 32-bit
LCG with a trivial tempering function taken from MT applied to the
output can pass most if not all of dieharder. (I'd have to recheck to
confirm that it's all, but I seem to remember it being all when I was
developing that code.)

Rich
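
Added example, not code from either poster: for the kind of generator described in this thread, one observed output determines every later output, which is why statistical test results say nothing about cryptographic strength. The LCG constants (Numerical Recipes) and the choice to temper the whole 32-bit state are assumptions; the seed is a constructed sample value.

```c
#include <stdint.h>
#include <stdio.h>
/* Assumed generator (not the code referred to in the thread): LCG with the
 * Numerical Recipes constants, whole state tempered as in MT19937. */
static uint32_t lcg_step(uint32_t s) { return s * 1664525u + 1013904223u; }

static uint32_t temper(uint32_t y) {
    y ^= y >> 11;
    y ^= (y << 7) & 0x9d2c5680u;
    y ^= (y << 15) & 0xefc60000u;
    y ^= y >> 18;
    return y;
}

/* Invert x = y ^ (y >> s) and x = y ^ ((y << s) & m): each pass of the
 * loop fixes s more bits, from the top and from the bottom respectively. */
static uint32_t undo_right(uint32_t x, int s) {
    uint32_t y = x;
    for (int i = 0; i < 32 / s; i++) y = x ^ (y >> s);
    return y;
}
static uint32_t undo_left(uint32_t x, int s, uint32_t m) {
    uint32_t y = x;
    for (int i = 0; i < 32 / s; i++) y = x ^ ((y << s) & m);
    return y;
}

/* Tempering is a bijection, so one output reveals the full 32-bit state. */
static uint32_t untemper(uint32_t y) {
    y = undo_left(undo_right(y, 18), 15, 0xefc60000u);
    return undo_right(undo_left(y, 7, 0x9d2c5680u), 11);
}
/* Compute the output that follows `observed`, using nothing else. */
static uint32_t predict_next(uint32_t observed) {
    return temper(lcg_step(untemper(observed)));
}

/* Count correct one-step predictions over n outputs from a given seed. */
static int count_correct(uint32_t seed, int n) {
    uint32_t st = lcg_step(seed);
    int ok = 0;
    for (int i = 0; i < n; i++) {
        uint32_t guess = predict_next(temper(st));
        st = lcg_step(st);
        ok += (guess == temper(st));
    }
    return ok;
}
int main(void) { printf("%d/1000 predicted\n", count_correct(0x12345678u, 1000)); return 0; }
```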