|
|
|
|
|
|
by panarky
638 days ago
|
|
|
It's curious that only one HWRNG can be current at once. Because adding more sources of randomness, even if they're lower quality, can't reduce the total randomness. If the quality of HWRNG-A is 400 and HWRNG-B is 600, the quality of XOR(HWRNG-A, HWRNG-B) will be greater than 600. |
|
|
SHA256(32B from HWRNG-A || 32B from HWRNG-B)
still guarantees you 32 bytes of entropy if either HWRNG-A or HWRNG-B is compromised, and if HWRNG-A and HWRNG-B are both partially compromised you also get 32 bytes of entropy. XOR has weird failure modes (eg if HWRNG-A and HWRNG-B are correlated).