combining entropy
Dave Howe
DaveHowe at gmx.co.uk
Mon Oct 27 18:03:54 EDT 2008
John Denker wrote:
> On 09/29/2008 05:13 AM, IanG wrote:
>> My assumptions are:
>>
>> * I trust no single source of Random Numbers.
>> * I trust at least one source of all the sources.
>> * no particular difficulty with lossy combination.
>
>
>> If I have N pools of entropy (all same size X) and I pool them
>> together with XOR, is that as good as it gets?
>
> Yes.
>
> The second assumption suffices to prove the result,
> since (random bit) XOR (anything) is random.
unless you have a possible case where (say) for any given pool,
alternate bits are predictable; XORing all 'n' pools would still give a
maximum entropy of 50%, as the XOR of all 'n' predictable bits is
predictable.
using a hash which performs error diffusion, I would expect that 'n'
equal to 3 would give a suitable combined stream in that case (assuming
the 50% of random bits *are* random of course) 2 is possibly good
enough, but I would probably over-engineer at 3, in case one pool went
non-random.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list