On Tue, Jul 23, 2013 at 08:31:16AM +0200, Yan Zhu wrote:
> Is there a secure way to timeshare a single entropy source such as an entropy key? High-quality entropy sources are often fragile, expensive, or difficult to manufacture and maintain. If Alice has a friggin' amazing entropy source, and Bob wants to use it from afar, what would be the best way for Alice to let Bob retrieve data from the entropy source when she wasn't using it?

If Bob requires *really* *great* entropy, why would he trust a network link (secured with a non information theoretically secure cipher such as AES) to transmit his entropy securely?

If Bob is willing to trust merely computationally secure methods such as private key cryptography, he should gather "less high quality" entropy locally, using a pool implementation with good mixing, and trust that.

In short -- asking someone else to generate your random numbers is, of course, a state of sin.

-andy
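
One way to picture the "pool implementation with good mixing" from the reply, as an added sketch that is not part of the original thread: a SHA-256 pool in which a remotely fetched sample is only one input among several, so someone who saw it on the link still cannot predict the output without Bob's local samples. `MixingPool`, `derive`, the source labels and the sample bytes are hypothetical, and the sketch assumes SHA-256 behaves as a good mixing function and that the local samples carry enough entropy.

```python
import hashlib
import os


class MixingPool:
    """Toy hash-based pool; illustrative only, the OS CSPRNG is the production choice."""

    def __init__(self):
        self._state = bytes(32)  # all zero: unpredictability comes only from mixed-in samples

    def mix(self, source: str, sample: bytes) -> None:
        # Length-prefix label and sample so ("ab", b"c") and ("a", b"bc") cannot collide.
        label = source.encode()
        h = hashlib.sha256(b"\x00" + self._state)
        h.update(len(label).to_bytes(4, "big") + label)
        h.update(len(sample).to_bytes(4, "big") + sample)
        self._state = h.digest()

    def extract(self, n: int) -> bytes:
        out, counter = b"", 0
        while len(out) < n:
            out += hashlib.sha256(b"\x01" + self._state + counter.to_bytes(4, "big")).digest()
            counter += 1
        # Ratchet so a later pool compromise does not reveal earlier outputs.
        self._state = hashlib.sha256(b"\x02" + self._state).digest()
        return out[:n]


def derive(samples, n=32):
    """Mix (source, sample) pairs in order and return n output bytes."""
    pool = MixingPool()
    for source, sample in samples:
        pool.mix(source, sample)
    return pool.extract(n)


# Constructed sample: bytes fetched from Alice's device, assumed seen by an eavesdropper.
REMOTE = bytes.fromhex("00112233445566778899aabbccddeeff")

if __name__ == "__main__":
    local = os.urandom(32)  # Bob's own local source
    key = derive([("local", local), ("alice-remote", REMOTE)])
    # Same REMOTE, different local sample: the output is unrelated.
    other = derive([("local", os.urandom(32)), ("alice-remote", REMOTE)])
    print(key.hex(), other.hex(), key != other)
```

The mixing is deterministic, so the output is exactly as unpredictable as the least-exposed input: with no local sample at all, anyone holding `REMOTE` can recompute it.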