combining entropy

Jack Lloyd lloyd at randombit.net
Fri Oct 24 18:40:25 EDT 2008


On Fri, Oct 24, 2008 at 03:20:24PM -0700, John Denker wrote:
> On 10/24/2008 01:12 PM, Jack Lloyd wrote:
> 
> > .... is a very different statement from saying that
> > lacking such an attacker, you can safely assume your 'pools of
> > entropy' (to quote the original question) are independent in the
> > information-theoretic sense.
> 
> The question, according to the original poster, is not 
> whether it is "safe" to assume that one of the entropy
> sources can be trusted.  Safe or not, the question explicitly 
> assumed that one of the sources was trusted ... and asked 
> what the consequences of that assumption would be.

Perhaps our seeming disagreement is due to a differing interpretation
of 'trusted'. I took it to mean that at least one pool had a
min-entropy above some security bound. You appear to have taken it to
mean that it will be uniform random?

-Jack

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
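
An added illustration of the two readings of 'trusted' in the message above, and of why independence matters (not part of the original message or thread): the exact min-entropy of two pools before and after combining. XOR as the combiner, the 8-bit pool size and all three distributions are constructed assumptions; the message itself names none of them.

```python
import math
from collections import defaultdict
from itertools import product

def min_entropy(dist):
    """H_min = log2(1 / max probability) of a {value: probability} dict."""
    return math.log2(1 / max(dist.values()))

def independent(da, db):
    """Joint distribution of two pools that share no information."""
    return {(a, b): pa * pb
            for (a, pa), (b, pb) in product(da.items(), db.items())}

def mirrored(da):
    """Joint distribution where the second pool always equals the first."""
    return {(a, a): pa for a, pa in da.items()}

def xor_combine(joint):
    """Distribution of a ^ b for a joint distribution {(a, b): probability}."""
    out = defaultdict(float)
    for (a, b), p in joint.items():
        out[a ^ b] += p
    return dict(out)

# Constructed 8-bit pools (assumptions, not from the thread).
BOUNDED = {v: 1 / 16 for v in range(0, 256, 16)}  # 4 bits min-entropy, not uniform
UNIFORM = {v: 1 / 256 for v in range(256)}        # 8 bits, uniform random
WEAK = {0: 0.9, 1: 0.1}                           # nearly constant second pool

def results():
    """Min-entropy in bits for each pool and each XOR combination."""
    return {
        "bounded": min_entropy(BOUNDED),
        "uniform": min_entropy(UNIFORM),
        "bounded^weak, independent": min_entropy(xor_combine(independent(BOUNDED, WEAK))),
        "uniform^weak, independent": min_entropy(xor_combine(independent(UNIFORM, WEAK))),
        "bounded^copy, dependent": min_entropy(xor_combine(mirrored(BOUNDED))),
        "uniform^copy, dependent": min_entropy(xor_combine(mirrored(UNIFORM))),
    }

if __name__ == "__main__":
    for name, bits in results().items():
        print(f"{name:28s} {bits:6.3f} bits")
```

With independent pools the XOR output keeps at least the min-entropy of the better pool under either reading of 'trusted'; with a fully dependent second pool it drops to zero even when the first pool is uniform.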


