[Cryptography] real random numbers

Kent Borg kentborg at borg.org
Sun Sep 15 06:49:25 EDT 2013

John Kelsey wrote:
> I think the big problem with (b) is in quantifying the entropy you get.

Maybe don't.

When Bruce Schneier last put his hand to designing an RNG he concluded that estimating entropy is doomed. I don't think he would object to some coarse order-of-magnitude confirmation that there is entropy coming in, but I think trying to meter entropy-in against entropy-out will either leave you starved or fooled.


More information about the cryptography mailing list