> From: [email protected] [mailto:discuss-
> [email protected]] On Behalf Of Kent Borg
> 
> Being reversible is key, it means no entropy
> was lost.

While it's true that being reversible means no entropy was lost, it's 
definitely not a requirement.  For example, one of the requirements for a 
one-way hashing algorithm such as SHA to be considered unbroken and still 
secure, is that the result of the hash be deterministic, yet indistinguishable 
from a random mapping from the input set to the output set, for any combination 
of different inputs.  This means, you could take your input entropy, apply a 
non-reversible crypto hash to it, and use the result to select your random 
words.  No entropy is lost, but it's not reversible.

Case in point:  If you were reading from /dev/random, that is true entropy.  
But you stated you're reading from /dev/urandom, which is not true entropy.  
It's cryptographic strength pseudo-random, which is derived using a lot of 
techniques, primarily revolving around crypto hashing.  The random data that 
you're using for input is in fact, the output of crypto hashing, which was used 
to mask and stretch the true entropy gathered from your hardware entropy 
sources.
_______________________________________________
Discuss mailing list
[email protected]
http://lists.blu.org/mailman/listinfo/discuss
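
The approach described in this message (hash the input entropy, then use the digest to select words), as an added example that is not part of the original post. The word list, the counter-based digest stream and all function names are assumptions made for illustration; rejection sampling is added so the selection stays uniform when the list length is not a power of two.

```python
import hashlib
import math
import os

# Constructed 16-word sample list (assumption); real passphrase lists are far larger.
WORDS = ["anchor", "birch", "copper", "delta", "ember", "fjord", "garnet", "harbor",
         "island", "jasper", "kettle", "lantern", "meadow", "nickel", "orchid", "pebble"]

def digest_stream(seed):
    """Yield bytes of SHA-256(seed || counter) for counter = 0, 1, 2, ...

    Deterministic and one-way: the seed cannot be recovered from the bytes.
    The stream never carries more entropy than the seed, nor more than
    256 bits of it, because every byte is derived from SHA-256 outputs.
    """
    counter = 0
    while True:
        yield from hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1

def pick_words(seed, count, words=WORDS):
    """Select `count` words uniformly using hashed seed material."""
    n = len(words)
    # Largest multiple of n that fits in 16 bits; values at or above it are
    # discarded so that `value % n` is not biased toward low indices.
    limit = (65536 // n) * n
    stream = digest_stream(seed)
    chosen = []
    while len(chosen) < count:
        value = (next(stream) << 8) | next(stream)
        if value < limit:
            chosen.append(words[value % n])
    return chosen

def passphrase_bits(count, list_size):
    """Upper bound on passphrase entropy: count * log2(list_size) bits."""
    return count * math.log2(list_size)

if __name__ == "__main__":
    seed = os.urandom(32)  # kernel CSPRNG, the same source as /dev/urandom
    phrase = pick_words(seed, 6)
    print(" ".join(phrase), "(at most %.0f bits)" % passphrase_bits(6, len(WORDS)))
```
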