bram (bram@gawth.com)
Sun, 24 Jan 1999 21:37:17 -0800 (PST)
On Sun, 24 Jan 1999, James A. Donald wrote:
> Since this is Intel, let us also consider the possibility of
> bungling, rather than NSA pressure.
Fair enough.
> Suppose our underlying truly random noise source generates
> 75% zeros, and sometimes, at random, a one bit.
Then you take the actual level of entropy into account, and apply the
appropriate cryptographic processing to it's output. Using an entropy
source 'raw' is always dangerous.
In the case you give, it would suffice to send 320 bits into a CSPRNG
before trusting it's output rather than the 160 you would need from a
'perfectly random' source.
-Bram
The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:18:05