We might have to really specifically ask if “is good” would mean “is required” or “is recommended”.
I don’t know the definition of “stochastically independent” applies to twuewand.
How would we know if output by twuewand has “stochastically independent” values?
Otherwise, a Von-Neumann unbiaser can be a disaster.
This means on the side of caution, don’t use it.
Such independence, however, is commonly not given.
Seems more likely that most entropy inputs aren’t “stochastically independent”. We still don’t know the specific case of twuewand.
He hasn’t opposed this statement of mine:
/dev/random is still world-writeable by any unprivileged user. Simply writing to /dev/entropy should never worsen entropy quality, so the current understanding goes.
Which could be interpreted as free ticket to drop debiasing.
I guess it would need specific review by knowledgeable eyes, otherwise it swill be a vague discussion.
twuerand’s readme has big red warnings about not de-biasing it pretty much says it’s entropy quality will be useless in that case. Better to have less bits generated with something other than von Neumann than no cleaning done whatsoever.
Yeah I don’t doubt that it won;t make entropy worse, but with the effort put into preparing it for our use we should really make it count instead of having an illusion of safety.
Am Donnerstag, 6. Februar 2020, 12:11:52 CET schrieb Patrick Schleizer:
Hi Patrick,
How would I know if any entropy generator produces stochastically independent values?
Per default, assume that they are not independent. Only with an entropy analysis and a rationale why events should be stochastically independent you may assume that it is so.
and twuewand comparing time from CPU with time from RTC.
Stephan Mueller @smuellerDD is the author of jitterentropy-rng who also re-worked Linux kernel entropy replied:
This sounds like a high-res clock being sampled by a low-res clock like ring oscillators do that. I had once played with this idea but discarded it for a reason.
Seems like twuewand got obsoleted by jitterentropy-rng. Since the author of twuewand was also cc’d in that discussion, until there is other information, discarding twuewand as an option.