Re: [dsfjdssdfsd] Any plans for drafts or discussions on here?

Michael Hammer <> Sat, 25 January 2014 16:16 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id ABF0A1A03C4 for <>; Sat, 25 Jan 2014 08:16:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.436
X-Spam-Status: No, score=-2.436 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.535, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 9a7du2bp0dCa for <>; Sat, 25 Jan 2014 08:16:35 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id A0DB21A039E for <>; Sat, 25 Jan 2014 08:16:35 -0800 (PST)
Received: from ([fe80::149d:c2e1:8065:2a47]) by ([::1]) with mapi id 14.03.0123.003; Sat, 25 Jan 2014 08:16:33 -0800
From: Michael Hammer <>
To: "" <>
Thread-Topic: [dsfjdssdfsd] Any plans for drafts or discussions on here?
Thread-Index: AQHPFik7i/q5nfCSa0yR/K7nGCDgcJqOvseAgAArLACAAqUWgIAAqIaAgAEY5AD//3wacIAApM6A//+D2yCAAbCvgIAA/mZA
Date: Sat, 25 Jan 2014 16:16:32 +0000
Message-ID: <>
References: <> <> <> <> <03f201cf17ee$e34ccbf0$a9e663d0$> <> <> <> <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
x-originating-ip: []
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="SHA1"; boundary="----=_NextPart_000_0081_01CF19A5.C1435F70"
MIME-Version: 1.0
Cc: "" <>, "" <>
Subject: Re: [dsfjdssdfsd] Any plans for drafts or discussions on here?
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The dsfjdssdfsd list provides a venue for discussion of randomness in IETF protocols, for example related to updating RFC 4086." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 25 Jan 2014 16:16:37 -0000

So, if you mix a non-random input with a random input, 
using a deterministic algorithm, the output will be more random?
That doesn't seem right to me.

We can't control the randomness of the input data, 
but the other inputs to an encryption or hashing algorithm are my concern.

Michael Hammer
Principal Engineer
Mobile: +1 408-202-9291
500 Yosemite Drive Suite 120
Milpitas, CA 95035 USA

-----Original Message-----
From: Krisztián Pintér [] 
Sent: Friday, January 24, 2014 9:02 AM
To: Michael Hammer
Subject: Re: [dsfjdssdfsd] Any plans for drafts or discussions on here?

Michael Hammer (at Friday, January 24, 2014, 12:19:03 AM):
> Hmmm...  that makes it sound rather subjective.
> If we don't have objective measures,
> then who is to say that one's randomness is better or worse than another?

as i said, we need to examine the physical processes. the best source of
entropy as of now is thermal noise. we understand thermal noise to a great
degree, we don't expect sudden breakthrough in modeling it, and it is
relatively abundant and easy to access. user input also contains noise, as
the user can control keystroke or mouse movement timing up to some 10's or
100's of milliseconds, below that, it is just noise from the equipment and
the "biological equipment".

> Was thinking in terms of how an app with access to alternate random 
> sources, some which might be from OS or from some software, might 
> choose one over another.

if you are adamant on doing homebrewed, why choose? you can combine them. if
your combinator is good, you can't lose.