[136061] in cryptography@c2.net mail archive
Re: combining entropy
daemon@ATHENA.MIT.EDU (Thierry Moreau)
Fri Oct 24 15:48:12 2008
Date: Fri, 24 Oct 2008 10:23:07 -0500
From: Thierry Moreau <thierry.moreau@connotech.com>
To: IanG <iang@systemics.com>
CC: Cryptography <cryptography@metzdowd.com>
In-Reply-To: <48E0C673.6040005@systemics.com>
IanG wrote:
> If I have N pools of entropy (all same size X) and I pool them
> together with XOR, is that as good as it gets?
>
> My assumptions are:
>
> * I trust no single source of Random Numbers.
> * I trust at least one source of all the sources.
> * no particular difficulty with lossy combination.
>
Do you really trust that no single source of entropy can have knowledge
of the other source's output, so it can surreptitiously correlate its own?
I.e, you are are also assuming that these sources are *independent*.
--
- Thierry Moreau
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
