OpenChaos/Seth Hardy

From C4 Wiki
Jump to: navigation, search
Seth Hardy hielt den gleichen Vortrag, den er auch bei Black Hat Europe gehalten hat.
Hier die Beschreibung von blackhat.com:

"Many efficient methods of generating "good" random numbers exist in the literature of mathematics and theoretical computer science. One particular method of generating good randomness is to use extractors: graphs which will transform bad randomness (i.e. smaller ratio of entropy/data, or randomness distributed poorly) to good randomness (of a provable level of security) by an additional input of only a small number of truly random bits.

This talk will cover the mathematical background behind pseudorandom number generation, including concepts such as entropy and what good and bad randomness actually means. Once the appropriate background has been presented, the talk will move from the world of theory to that of practice, demonstrating how these concepts can be used for the purpose of pseudorandom number generation. Specifically, the current /dev/(u)random PRNG for Linux will be discussed and compared to the new /dev/erandom PRNG written which uses these extractors.

Entropy harvesting will also be covered; the work on /dev/erandom prompted a number of improvements to the entropy harvesting methods used in the Linux kernel. The new framework for entropy harvesting will be demonstrated, and the advantages (specifically flexibility and extensibility) of the new method will be covered.

This talk is meant to help bridge the gap between theory and practice in the realm of cryptography and computer security. Although all of the concepts will be presented with mathematical rigor, no prior knowledge of the subject is required. The talk is structured such that people who are new to the subject will be able to learn a lot, while those familiar with the introductory concepts being presented will still be able to get much from the details."

Ein paar Infos zu Seth Hardy (wieder von blackhat.com): 

"Seth Hardy is currently a member of a prominent cryptography research group at a well-known university. In general, his research in the area of cryptology can be viewed from two different but related sides. On the side of computer science, he has worked on a number of projects including crypto libraries developed for the European Union and a distributed elliptic curve cracker. On the side of mathematics, his attention has mostly been on optimization of cryptosystems and cryptanalysis through combinatorics and coding theory, although recently he has made the move to research of pseudorandom number generation (and its more theoretical applications) from a complexity-theoretic standpoint.

Mr. Hardy is involved in a number of other side projects, including being a founding member of the Tsumego Foundation, a private research group and think tank specializing in cryptology, provably secure cryptosystems, steganography, and integration of the above into real-world systems."