### Re: combining entropy

On Sat, Oct 25, 2008 at 12:40 PM, IanG [EMAIL PROTECTED] wrote: Jonathan Katz wrote: I think it depends on what you mean by N pools of entropy. I can see that my description was a bit weak, yes. Here's a better view, incorporating the feedback: If I have N people, each with a single

### Re: combining entropy

On 10/25/2008 04:40 AM, IanG gave us some additional information. Even so, it appears there is still some uncertainty as to interpretation, i.e. some uncertainty as to the requirements and objectives. I hereby propose a new scenario. It is detailed enough to be amenable to formal analysis. The

### Re: combining entropy

Alas on 10/25/2008 01:40 PM, I wrote: To summarize: In the special sub-case where M=1, XOR is as good as it gets. In all other cases I can think of, the hash approach is much better. I should have said that in the special sub-case where the member word has entropy density XX=100% _or_ in

### Re: combining entropy

John Denker [EMAIL PROTECTED] wrote: To say the same thing in more detail: Suppose we start with N generators, each of which puts out a 160 bit word containing 80 bits of _trusted_ entropy. That's a 50% entropy density. So you need a 2:1 or heavier compression that won't lose entropy. If

### Re: data rape once more, with feeling.

Usability research about how to track web users? How Google-like. Can't you just dump a 25-year cookie on them from twelve different directions, and be done with it? Federated Login has been a holy grail in the identity community for a long time. We have known how to do the technical part

### Cloning resistance in bluetooth

Suppose one has a system that automatically signs you on to anything if your cell phone is within bluetooth range of your computer, and automatically signs you off out of everything, and puts up a screen saver that will not go away, when your cell phone is out of range of your computer. What

### Re: Who cares about side-channel attacks?

Peter Gutmann wrote: In fact none of the people/organisations I queried about this fitted into any of the proposed categories, it was all embedded devices, typically SCADA systems, home automation, consumer electronics, that sort of thing, so it was really a single category which was

### Rubber-hose cryptanalysis?

http://news.cnet.com/8301-13739_3-10069776-46.html?tag=mncol --Steve Bellovin, http://www.cs.columbia.edu/~smb - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

### Cryptologic History Symposium: Call for Papers

Forwarded with permission. --- From: Sieg, Kent G [EMAIL PROTECTED] Subject: Symposium Call for Papers Date: Mon, 27 Oct 2008 10:23:50 -0400 Just sending notice of our upcoming Symposium, especially if you can present or know of a colleague who would like to do so. Dr. Kent Sieg The

### Re: combining entropy

On Sat, 25 Oct 2008, John Denker wrote: On 10/25/2008 04:40 AM, IanG gave us some additional information. Even so, it appears there is still some uncertainty as to interpretation, i.e. some uncertainty as to the requirements and objectives. I hereby propose a new scenario. It is detailed