[cryptography] Tossing randomness back in?

mheyman at gmail.com mheyman at gmail.com
Sat Apr 23 08:13:23 EDT 2011

On Tue, Apr 19, 2011 at 12:55 AM, Marsh Ray <marsh at extendedsubset.com> wrote:
> You do not need to decrement the entropy estimate of the pool
> as you generate random numbers from it...IIRC, Peter Gutmann
> was using the term "computational entropy" to refer to the
> entropy seemingly generated within the hash function. But I don't
> think he was willing to go all the way to conclude that the pool
> entropy was nondecreasing.
As well he shouldn't. The entropy of the pool does decrease because
the number of possible states it can be in reduces upon every update
(up to a point). The 'conditional computational entropy' (that entropy
experienced by real hardware with bounded performance and memory)
doesn't decrease because there is no way for real hardware to
enumerate all possible states of the pool and remove those it can no
longer be in after an iteration.
-Michael Heyman

More information about the cryptography mailing list