Bram Cohen bram at GAWTH.COM
Sun Sep 23 01:04:24 CEST 2001

On Sat, 22 Sep 2001, Itamar S.-T. wrote:

> What you are suggesting is an API for a single
> standalone entropy source that is the "standard". It
> doesn't take into account multiple sources

There are a number of counterintuitive properties of random number
generation, which are summarized pretty well in this paper -


Random data from multiple sources can always be consolidated into a single
random number stream which is as cryptographically sound as the strongest
of the sources. Also, there's no need to block on new output once a
sufficient amount of entropy has been collected initially.

I'll happily write a PRNG kernel which handles entropy collation and
output generation properly if you need an example. The actual insertion of
entropy is, of course, a separate and necessarily platform-dependant

-Bram Cohen

"Markets can remain irrational longer than you can remain solvent"
                                        -- John Maynard Keynes

More information about the python-crypto mailing list