On 28 Jul 2014 18:23 +0200, from [email protected] (Lodewijk andré de la porte): > If I XOR probably random data with good enough random data, does that > result in at least good enough random data?
If you are truly concerned, have you considered implementing a proper CSPRNG yourself in Javascript (or using someone else's implementation of the same; I'm sure they are out there) and seeding that PRNG with randomness from both sides of the communications channel? It'd be a bit less obvious to the casual code viewer what's going on, but you would seem to have a much better shot of guaranteeing a particular level of randomness provided to whatever uses the PRNG. -- Michael Kjörling • http://michael.kjorling.se • [email protected] OpenPGP B501AC6429EF4514 http://michael.kjorling.se/public-keys/pgp “People who think they know everything really annoy those of us who know we don’t.” (Bjarne Stroustrup) _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
