On Oct 24, 2008, at 14:29, John Denker wrote:

On 09/29/2008 05:13 AM, IanG wrote:
My assumptions are:

* I trust no single source of Random Numbers.
* I trust at least one source of all the sources.
* no particular difficulty with lossy combination.


If I have N pools of entropy (all same size X) and I pool them
together with XOR, is that as good as it gets?

Yes.

The second assumption suffices to prove the result,
since (random bit) XOR (anything) is random.

Ah, but for this to hold, you will also have to assume that the N pools are all independent. If they are not, you cannot even guarantee one single bit of "entropy" (whatever that is). For example, if N = 2, your trusted source is pool 1, and I can read pool 1 and control pool 2, I set pool 2 = pool 1, and all you get is zeros. And that surely does not contain X bits of "entropy" for any reasonable definition of "entropy".

Fun,

Stephan

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to