On Wed, 8 Nov 2006, Travis H. wrote:

> On Wed, Nov 08, 2006 at 05:58:41PM -0500, Leichter, Jerry wrote:
> > Sorry, that doesn't make any sense.  If your HWRNG leaks 64 bits,
> > you might as well assume it leaks 256.  When it comes to leaks of
> > this sort, the only interesting numbers are "0" and "all".
> I can cite numerous examples of such happening in real life. [...]
> Not having to rely on perfectly unpredictable numbers coming from
> your RNG is a valid design principle.

Looks like you are doing a common mistake of using ``entropy source''
(or, probably, even``source of entropy input'') as output of your
generator (see NIST SP 800-90 for details). With such attitude, the
next step is to use identity mapping as a block cipher :-)


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to