Lodewijk andré de la porte writes:

> I don't see how it could reduce the randomness to XOR with patterned data.
> If someone knows better of this, let me know. If I'm correct that also
> means it should be okay to reuse the few KB's should they ever run out (in
> this system), at worst it no longer improves the randomness. I don't expect
> that to ever happen, and I'd prefer requesting new KB's, but it's still
> interesting.

DJB describes a more complicated scenario in which an active attacker
manipulates one source of entropy in order to reduce the unpredictability
of the overall output.

http://blog.cr.yp.to/20140205-entropy.html

I guess the other bad case is where both sources are systematically
correlated in some way (that doesn't change their overall statistics
individually, and that an attacker wouldn't otherwise have been able to
notice). It's hard to see a path to that in this case. But you could
certainly construct an artificial scenario where it's true.

DJB also announced a randomness-generation mailing list in that post;
I'm not sure what level of participation it's gotten, but that might be
another good place to bring up this topic.

--
Seth Schoen  <[email protected]>
Senior Staff Technologist                       https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x107
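
The two cases discussed in the message above, as an added example that is not part of the original post: it computes the exact entropy of one XOR-combined byte when the second input is independent patterned data, and when the second input depends on the first. The pattern bytes and all function names are constructed for illustration.

```python
from collections import Counter
from math import log2

def entropy_bits(values):
    """Shannon entropy, in bits, of a list of equally likely outcomes."""
    n = len(values)
    return -sum(c / n * log2(c / n) for c in Counter(values).values())

# Constructed stand-in for "patterned data": a short repeating byte pattern.
PATTERN = bytes([0x00, 0xFF, 0xAA, 0x55])

def xor_entropy(second_source):
    """Exact entropy of A ^ B for one output byte.

    A is uniform over 0..255. B = second_source(a, i), where i is the
    position in PATTERN. Enumerating every (a, i) pair gives the exact
    output distribution, so no sampling noise is involved.
    """
    outputs = [a ^ second_source(a, i)
               for a in range(256) for i in range(len(PATTERN))]
    return entropy_bits(outputs)

def independent_pattern(a, i):
    # Fully predictable, but chosen without reference to A.
    return PATTERN[i]

def copies_first(a, i):
    # Fully correlated with A: A ^ A is always 0.
    return a

def depends_on_first(a, i):
    # A bijection of A, so B is uniform when looked at on its own,
    # yet A ^ B == a >> 4 and only four bits survive.
    return a ^ (a >> 4)

def report():
    """Bits of entropy per output byte for each second source."""
    return {f.__name__: xor_entropy(f)
            for f in (independent_pattern, copies_first, depends_on_first)}

if __name__ == "__main__":
    for name, bits in report().items():
        print(f"{name:20s} {bits:.1f} bits per output byte")
```

The independent pattern leaves all 8 bits intact, while the two dependent sources leave 0 and 4 bits, even though `depends_on_first` passes any statistical test applied to it alone.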
