[Cryptography] combining lots of lousy RNGs ... or not

Phillip Hallam-Baker phill at hallambaker.com
Tue Nov 22 10:13:27 EST 2016

On Mon, Nov 21, 2016 at 5:53 PM, John Denker <jsd at av8n.com> wrote:

> Here are some useful equations:
>   random XOR squish = random
>   squish XOR squish = squish   (*not* random)

​No. random XOR squish = squish

If I can interfere with squish, I can undo your random if I know it. And in
real world systems I can often know it.

​A better equation is H (random + squish) = random​
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20161122/e69337f0/attachment.html>

More information about the cryptography mailing list