Re: Intel announcements at RSA '99

Mok-Kong Shen (mok-kong.shen@stud.uni-muenchen.de)
Fri, 22 Jan 1999 18:01:38 +0100

• Next message: James A. Donald: "Re: Intel announcements at RSA '99"
• Previous message: David Honig: "Re: Intel announcements at RSA '99"
• In reply to: Mok-Kong Shen: "Re: Intel announcements at RSA '99"
• Next in thread: David Honig: "Re: Intel announcements at RSA '99"
• Reply: David Honig: "Re: Intel announcements at RSA '99"

David Honig wrote:
>
> At 11:42 AM 1/22/99 +0100, Mok-Kong Shen wrote:
> >one wants to be more certain. BTW, I suppose that it is always
> >a good idea to mix the output of a hardware RNG with that of a
> >software PRNG.
> >
> >M. K. Shen
>
> Hmm. This must be done correctly; otherwise the PRNG can introduce
> structure into the output stream. Remember that an RNG conditioning
> algorithm,
> unlike a PRNG, does *not* appear random by itself, and will never fool a
> random-test,
> whereas a PRNG may. Because the PRNG can hide a RNG failure, this might
> be a bad idea.

I hope you would kindly explain a bit of what you mean by 'hide a
failure'. I suppose if something is hidden and can't be detected by
all means available, then that same thing shouldn't be exploitable
by the analyst (almost 'by definition'). BTW, which tests to use is
itself a debatable issue in practice, I am afraid.

M. K. Shen

• Next message: James A. Donald: "Re: Intel announcements at RSA '99"
• Previous message: David Honig: "Re: Intel announcements at RSA '99"
• In reply to: Mok-Kong Shen: "Re: Intel announcements at RSA '99"
• Next in thread: David Honig: "Re: Intel announcements at RSA '99"
• Reply: David Honig: "Re: Intel announcements at RSA '99"