On Tue, 25 Sep 2012 11:36:31 +0200 Mariusz Gromada wrote: > Here we did some initial testing, mainly based on charts, which showed > typical noise in time. But again, it requires a formal proof. When you say formal proof lets be clear that you aren't actually proving anything about entropy. Entropy and randomness are two completely different concepts. Good randomness is not a requirement of an entropy source, and doesn't imply anything at all about entropy. What's actually happening here is that that observations are being made on randomness and then translated into entropy based on the assumption that an attacker can never gain any advantage over treating the timings as the product of a black box. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"