bunnie
commented
4 months ago We actually do have ent installed in the analysis server, but generally my observation is that its output isn't as detailed or as useful as Dieharder or the NIST STS suite. It's good at detecting when entropy sources are pretty broken, but I've actually had the tool totally fooled by a really bad entropy source recently so I don't have a lot of faith in it.
That being said, it is a quick script to run so I tossed it at the end of the existing analysis pipeline.
I suggest to add statistic tests with the ent-tool to the pipeline and report the results as part of it.
Especially the Chi²-Test is said to be extremely sensitive to non-random numbers. It seems to be necessary, that the input data is long, otherwise a good TRNG might be flagged as suspicious.
According to the website good values of the test are in the range 10%-90%. Output similar to
Chi square distribution for 500000 samples is 212.53, and randomly would exceed this value 97.53 percent of the times.