Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

It is also important that the entropy sources are independent. For example, if RDRAND were defined in terms of /dev/xrandom, say by just flipping its bits, then doing

(secret bits) xor (bits from /dev/xrandom) xor (bits from RDRAND)

is very weak encryption. But of course, there is no reason to believe RDRAND is dependent on any of the usual random sources.



> (secret bits) xor (bits from /dev/xrandom) xor (bits from RDRAND)

> is very weak encryption.

It's as strong as the strongest source. This easily proven mathematically.


The mathematical result I think you are referring to is: any uniformly distributed random variable xored with any other independent random variable yields a uniformly distributed random variable. On the other hand, if we take the strongest random source in the universe, say X, and xor X with itself we get:

X xor X = 0

The result is just a sequence of zeros, which is not "as strong as the strongest source". In practice, people may take lots of different "random" sources as input to their random generators to make them "more" random. But if you don't take care to check if they are independent, you may have a problem.


On the contrary, the above computes exactly the identity cipher: your "ciphertext" is your plaintext.

Mathematical results will lead you to surprising conclusions if apply them in the wrong context!




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: