John Denker wrote: > On 09/29/2008 05:13 AM, IanG wrote: >> My assumptions are: >> >> * I trust no single source of Random Numbers. >> * I trust at least one source of all the sources. >> * no particular difficulty with lossy combination. > > >> If I have N pools of entropy (all same size X) and I pool them >> together with XOR, is that as good as it gets? > > Yes. > > The second assumption suffices to prove the result, > since (random bit) XOR (anything) is random.

unless you have a possible case where (say) for any given pool, alternate bits are predictable; XORing all 'n' pools would still give a maximum entropy of 50%, as the XOR of all 'n' predictable bits is predictable. using a hash which performs error diffusion, I would expect that 'n' equal to 3 would give a suitable combined stream in that case (assuming the 50% of random bits *are* random of course) 2 is possibly good enough, but I would probably over-engineer at 3, in case one pool went non-random. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]