Re: R: True random numbers wanted

From: Anders Sandberg (asa@nada.kth.se)
Date: Mon Sep 02 2002 - 05:48:17 MDT


On Mon, Sep 02, 2002 at 01:07:19PM +0200, Eugen Leitl wrote:

> If
> one doesn't trust Intel's RNG (I don't), one must be clever so that it
> doesn't dominate the entropy pool, allowing known state attacks.

Suppose you have one entropy source that you don't trust, with many
bits/s of entropy, and another trustworthy but low bandwidth source (like
your webcam). If you just xor them together and use that as an input to
your cryptohash, wouldn't that prevent known state attacks? Or am I
missing something?

-- 
-----------------------------------------------------------------------
Anders Sandberg                                      Towards Ascension!
asa@nada.kth.se                            http://www.nada.kth.se/~asa/
GCS/M/S/O d++ -p+ c++++ !l u+ e++ m++ s+/+ n--- h+/* f+ g+ w++ t+ r+ !y


This archive was generated by hypermail 2.1.5 : Sat Nov 02 2002 - 09:16:38 MST