Re: Computational secure entropy extraction
From: David Wagner (daw_at_taverner.cs.berkeley.edu)
Date: 10/29/04
- Previous message: David Wagner: "Re: Computational secure entropy extraction"
- In reply to: Ernst Lippe: "Re: Computational secure entropy extraction"
- Next in thread: Ernst Lippe: "Re: new /dev/random"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 29 Oct 2004 21:01:38 +0000 (UTC)
Ernst Lippe wrote:
>On Fri, 29 Oct 2004 18:46:22 +0000, David Wagner wrote:
>> Ernst Lippe wrote:
>>>For the entropy distiller D() we take a PRF. This implies when an
>>>attacker wants to know t different outputs of D() he has to do at least
>>>O(t) work.
>>
>> Can you explain what you mean by that second sentence? I'm not sure of
>> your meaning.
>
>As far I understand the random oracle model, it implies
>that if you want to know the value for t different inputs
>you will have to make at least t queries to the oracle.
What does the random oracle model have to do with anything? You were
talking about a PRF, not a random oracle.
- Previous message: David Wagner: "Re: Computational secure entropy extraction"
- In reply to: Ernst Lippe: "Re: Computational secure entropy extraction"
- Next in thread: Ernst Lippe: "Re: new /dev/random"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
