[7354] in cryptography@c2.net mail archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Extracting Entropy?

daemon@ATHENA.MIT.EDU (Ben Laurie)
Mon Jun 19 22:46:50 2000

Message-ID: <394EAE81.725D0DB4@algroup.co.uk>
Date: Tue, 20 Jun 2000 00:36:33 +0100
From: Ben Laurie <ben@algroup.co.uk>
MIME-Version: 1.0
To: Matt Blaze <mab@research.att.com>
Cc: Coderpunks <coderpunks@toad.com>, Cryptography <cryptography@c2.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Matt Blaze wrote:
> 
> I should point out that this construction is not designed to obscure the
> input from the output (especially under differential probing), only
> to give you m output bits that depend (each in a different way) on
> the entire input.

Perhaps I should add that as a requirement. OTOH, assuming H is perfect,
wouldn't that make this construction resistant? But I assume you are
reluctant to attempt to prove that.

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html

Coming to ApacheCon Europe 2000? http://apachecon.com/


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[7354] in cryptography@c2.net mail archive

Re: Extracting Entropy?

daemon@ATHENA.MIT.EDU (Ben Laurie)Mon Jun 19 22:46:50 2000

daemon@ATHENA.MIT.EDU (Ben Laurie)
Mon Jun 19 22:46:50 2000