On Wed, Jul 26, 2017 at 11:58 AM, Martin Rex <m...@sap.com> wrote:

> With RDRAND, you would use e.g. SHA-256 to compress 10*256 = 2560 Bits of
> a black-box CPRNG output into a 256-bit _new_ output that you
> actually use in communication protocols.
>
If the relation between the RDRAND input and the output of your function is fixed, then your attacker can just do the same thing. It doesn't help at all really. You have to mix RDRAND with something else that is unknowable to the attacker as part of the process.

--
Colm
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
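The point made in the reply above, as an added example that is not part of the original thread: a model in which the black-box generator's output is predictable to the attacker, comparing SHA-256 compression alone with compression keyed by independent input. `BlackBoxRng`, the state value and the choice of HMAC-SHA-256 as the mixing function are assumptions made for illustration.

```python
import hashlib
import hmac
import os


class BlackBoxRng:
    """Hypothetical stand-in for RDRAND under the thread's threat model:
    its output is fully determined by a state the attacker also knows."""

    def __init__(self, state: bytes):
        self._state = state
        self._counter = 0

    def read(self, n: int) -> bytes:
        out = b""
        while len(out) < n:
            block = self._state + self._counter.to_bytes(8, "big")
            out += hashlib.sha256(block).digest()
            self._counter += 1
        return out[:n]


def compress_only(rng: BlackBoxRng) -> bytes:
    """Quoted scheme: SHA-256 over 10*256 = 2560 bits of generator output."""
    return hashlib.sha256(rng.read(320)).digest()


def mix_with_secret(rng: BlackBoxRng, independent: bytes) -> bytes:
    """Reply's requirement: the same 2560 bits, keyed with input the
    attacker cannot know (HMAC-SHA-256 is this example's choice)."""
    return hmac.new(independent, rng.read(320), hashlib.sha256).digest()


def demo():
    known_state = b"constructed-state-known-to-attacker"  # constructed sample
    victim_secret = os.urandom(32)   # independent entropy, victim only
    attacker_guess = bytes(32)       # attacker has no better input

    # Fixed relation between generator output and result: attacker repeats it.
    plain_match = (compress_only(BlackBoxRng(known_state))
                   == compress_only(BlackBoxRng(known_state)))

    # Keyed with an unknown value: same generator output, different result.
    mixed_match = (mix_with_secret(BlackBoxRng(known_state), victim_secret)
                   == mix_with_secret(BlackBoxRng(known_state), attacker_guess))
    return plain_match, mixed_match


if __name__ == "__main__":
    print(demo())
```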