Apologies for the name I’ve been sending under. I don’t represent Oracle of course. A temporary new MUA that isn’t quite doing what I expected.
Pauli > On 8 May 2018, at 7:33 pm, Oracle <[email protected]> wrote: > > Kurt wrote: > >> The comment about not hashing it is if you want to use the tool to >> do entropy estimation. Hashing it will not increase the entropy, >> but the estimation will be totally wrong. > > >> Passing the hashed data to the drbg as entropy input is fine if >> you already know how much entropy that it contains. > > > This is spot on. Hash the data and it will appear to have eight bits per > byte of entropy regardless of the input. The estimate output from NIST’s > suite will be around 7.8 bits per byte but that’s close enough. The > standards refer to this as “whitening”. It is fine to whiten the entropy > data before passing it to the DRBG but the entropy estimate must be based on > the pre-whitened data. > > > Pauli > > > > > _______________________________________________ > openssl-project mailing list > [email protected] > https://mta.openssl.org/mailman/listinfo/openssl-project _______________________________________________ openssl-project mailing list [email protected] https://mta.openssl.org/mailman/listinfo/openssl-project
