Re: [cryptography] Weak random data XOR good enough random data = better random data?

On 4 September 2014 08:46, Aaron Toponce wrote: > There are a couple things that you can do for older browsers that don't > support > crypto.getRandomValues(): > > 1. You can build your own CSPRNG using either Blum Blum Shub or Blum >Micali. In both cases, the CSPRNG is slow, and you'

Re: [cryptography] Weak random data XOR good enough random data = better random data?

On Mon, Jul 28, 2014 at 06:23:12PM +0200, Lodewijk andré de la porte wrote: > I'm working on some Javascript client side crypto. There's a cryptographic > quality random generator present in modern browsers, but not in older ones. > I also don't trust browsers' random generators' quality. > > I'd

Re: [cryptography] Weak random data XOR good enough random data = better random data?

Not really. At minimum it's 2^128 bytes. But it's probably closer to 2^160. On Thu, Sep 4, 2014 at 12:37 AM, Givon Zirkind wrote: > forgive me for jumping into the middle of the conversation. but, if > memory serves, such a scheme is limited to 2^128 bytes. then, the counter > repeats. whic

Re: [cryptography] Weak random data XOR good enough random data = better random data?

isn't the simplest solution would be to concatenate or XOR a counter? Thus H[0] = Hash(input) H[N] = Hash(H[N-1]+CTR) considering that hashes from MD4 to SHA-2 all have block sizes of 512 bits, much larger than their outputs, one could simply concatenate a 128-bit counter. ___

Re: [cryptography] Weak random data XOR good enough random data = better random data?

On Mon, Jul 28, 2014 at 9:23 AM, Lodewijk andré de la porte wrote: > If I XOR probably random data with good enough random data, does that > result in at least good enough random data? > Yes, in fact, it's provably at *least* as random as the most random of the two data sources: https://en.wiki

Re: [cryptography] Weak random data XOR good enough random data = better random data?

From: Lodewijk andré de la porte Subject: Re: [cryptography] Weak random data XOR good enough random data = better random data? Come to think of it, is there or why isn't there a block-cipher mode that chains using a hashing algorithm? The main reason would be difficulty in proving sec

Re: [cryptography] Weak random data XOR good enough random data = better random data?

Come to think of it, is there or why isn't there a block-cipher mode that chains using a hashing algorithm? ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography

Re: [cryptography] Weak random data XOR good enough random data = better random data?

Thanks for the responses everyone! Reg. making a CSPRNG in JS: I don't have experience and wouldn't trust it. Using someone else's is even worse, I find other's often do things even worse (somehow). And seeding it would sort of have moved the problem rather than solving it. A PRNG shouldn't be abl

Re: [cryptography] Weak random data XOR good enough random data = better random data?

On 2014-07-29 02:23, Lodewijk andré de la porte wrote: Hey everyone, If I XOR probably random data with good enough random data, does that result in at least good enough random data? Yes, but other mixing functions are better. Best to hash all streams together, rather than xor them together.

Re: [cryptography] Weak random data XOR good enough random data = better random data?

You're talking about two different things here. As others have said, if you XOR good random with 'not very good but non-malicious random' - you are unlikely to reduce the entropy. (And as Seth said, if you XOR good random with malicious random (e.g. a trojaned RDRAND instruction) you're in bad sh

Re: [cryptography] Weak random data XOR good enough random data = better random data?

Lodewijk andré de la porte writes: > I don't see how it could reduce the randomness to XOR with patterned data. > If someone knows better of this, let me know. If I'm correct that also > means it should be okay to reuse the few KB's should they ever run out (in > this system), at worst it no longe

Re: [cryptography] Weak random data XOR good enough random data = better random data?

Den 28 jul 2014 18:23 skrev "Lodewijk andré de la porte" : > > Hey everyone, > > If I XOR probably random data with good enough random data, does that result in at least good enough random data? > > I'm working on some Javascript client side crypto. There's a cryptographic quality random generator

Re: [cryptography] Weak random data XOR good enough random data = better random data?

On 28 Jul 2014 18:23 +0200, from l...@odewijk.nl (Lodewijk andré de la porte): > If I XOR probably random data with good enough random data, does that > result in at least good enough random data? If you are truly concerned, have you considered implementing a proper CSPRNG yourself in Javascript (

Re: [cryptography] Weak random data XOR good enough random data = better random data?

On 7/28/2014 12:23 PM, Lodewijk andré de la porte wrote: Hey everyone, If I XOR probably random data with good enough random data, does that result in at least good enough random data? I'm working on some Javascript client side crypto. There's a cryptographic quality random generator presen

[cryptography] Weak random data XOR good enough random data = better random data?

Hey everyone, If I XOR probably random data with good enough random data, does that result in at least good enough random data? I'm working on some Javascript client side crypto. There's a cryptographic quality random generator present in modern browsers, but not in older ones. I also don't trus