Cryptography-Digest Digest #198, Volume #9        Sun, 7 Mar 99 12:13:03 EST

Contents:
  Re: Random Generator (Guenther Brunthaler)
  Scramdisk/DATMAN ("hapticz")
  Re: Scramdisk lockups, more test data (Aman)
  Re: Scramdisk - paranoia (Aman)
  Re: Entropy and Crypto-Grade Randomness (Bryan Olson)
  Encryption for windows ("Terry  Mechan")
  Has anyone given easy-to-understand descriptions of encryption methods? ([EMAIL PROTECTED])
  Announcing 2nd version of Caveo - free transparent disk encryption ([EMAIL PROTECTED])
  Re: Has anyone given easy-to-understand descriptions of encryption methods? (Henry Lewsal)
  Re: Client-server encryption key negotiation...? (KloroX)
  Re: Doing It Right: The Next Chip Controversy (Howard Goldstein)
  Re: Learning crypto (David Hamilton)
  Re: New Concepts on Pseudorandomness (Herman Rubin)
  Re: Yarrow (Bruce Schneier)
  Re: Entropy and Crypto-Grade Randomness (R. Knauer)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (Guenther Brunthaler)
Subject: Re: Random Generator
Date: Sun, 07 Mar 1999 11:04:10 GMT

On Sat, 06 Mar 1999 23:43:29 +0100, Gerben Dirksen
<[EMAIL PROTECTED]> wrote:

>Will you stop arguing please...
>The reason I ask this is because I want to make a program that deals cards
>randomly, or roll dice.
>I know there are books in the university but I'm just a recreational programmer
>not a computer scientist.
>So here's just a simple question: Is there a simple way to improve the random
>generator in C++? Does it already use the timer? If not I can think of a way to

If it's really just about rolling dice, any linear congruency RNG
should be sufficient. See my article in the thread "Non linear dynamic
systems random number generator" for more details.

OTH, if you want a cryptographic PRNG, it's the best way to

1. Collect as many random bits as you can get as seed data.

2. Normalize the available seed data by using an appropriate
cryptographic hash function.

3. Run a non-reversible cryptographic Hash-Function in the same way as
an encryption-function and encrypt one block of seed to get the next
one. Before outputting each seed block as random data, "wash" it by
hashing it using a different hash function.

For point 1, here are some ideas how to collect random data without
requiring the user to provide some:

1. Use all dynamic state data available from the standard C/C++
runtime support routines, such as date, time, clock(), locale
information.

2. Use OS-specific enhancements, if you want: Version information
about the OS, more specific country/locale information, user
information, number of processors available, number of
threads/processes currently running, sizes of the current stack and
process working set, memory configuration, mouse coordinates...

3. Use hardware-specific data, if appropriate: CPU
Performance-Counters, CPU-ID, Networking-Card Hardware address,
current value of the DRAM refresh counter, current raster-beam
position of the video card, current display memory contents, ...

4. Use "uninitialized" data if you are working under a language that
provides some, like 'C': Define a 'volatile auto'-array of data,
assign its address to a global 'volatile' data pointer (this makes it
impossible even for the best optimizer to detect that uninitialized
memory will be read definitively - even though a warning may be
displayed) and read its contents without ever initializing it... This
method is quite simple, but unfortunately its effectiveness relies on
the way the stack is used by the current language implementation/OS.
In the worst case, it produces constant data at each invocation.


Greetings,

Guenther
--
Note: the 'From'-address shown in the header is an Anti-Spam
fake-address. Please remove 'nospam.' from the address in order
to get my real email address.

In order to get my public RSA PGP-key, send mail with blank body
to: [EMAIL PROTECTED]
Subject: get 0x2D2F0683

Key ID: 2D2F0683, 1024 bit, created 1993/02/05
Fingerprint:  11 71 47 2F AF 2F CD F4  E6 78 D5 E5 3E DD 07 B5 
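
The three-step construction described in the post (collect seed material, normalize it with a hash, then chain one hash as the state update and wash each block with a different hash before output), as an added Python example that is not the poster's code. It assumes SHA-256 for normalization and state update and BLAKE2s for washing; the environment sources are the ones the post lists, mixed with the OS CSPRNG, which on a modern system is the better seed source.

```python
import hashlib
import os
import platform
import struct
import sys
import time


def collect_seed_material() -> bytes:
    """Step 1: gather whatever dynamic runtime state is available (the post's
    idea: time, clocks, process and locale-ish data).  The kernel CSPRNG is
    mixed in too; on any modern OS it is the source that actually carries
    the entropy, and the rest only adds variability."""
    parts = [
        struct.pack(">q", time.time_ns()),
        struct.pack(">q", time.perf_counter_ns()),
        struct.pack(">i", os.getpid()),
        repr(os.times()).encode(),
        platform.platform().encode(),
        sys.version.encode(),
        repr(os.cpu_count()).encode(),
        os.urandom(32),
    ]
    return b"".join(parts)


def normalize_seed(material: bytes) -> bytes:
    """Step 2: compress seed material of any length and uneven quality into
    one fixed-size block with a cryptographic hash."""
    return hashlib.sha256(material).digest()


class HashChainPRNG:
    """Step 3: the hash is used like a block cipher, 'encrypting' the current
    seed block to obtain the next one; each block is washed with a second,
    different hash before it is released, so that observed output does not
    expose the internal state."""

    def __init__(self, seed: bytes):
        if len(seed) != 32:
            raise ValueError("seed must be a normalized 32-byte block")
        self._state = seed

    def next_block(self) -> bytes:
        self._state = hashlib.sha256(self._state).digest()   # advance
        return hashlib.blake2s(self._state).digest()         # wash

    def random_bytes(self, n: int) -> bytes:
        out = bytearray()
        while len(out) < n:
            out += self.next_block()
        return bytes(out[:n])

    def roll_die(self) -> int:
        """Unbiased d6: reject the 4 byte values that would skew the result
        (252 = 42 * 6), then reduce."""
        while True:
            b = self.next_block()[0]
            if b < 252:
                return b % 6 + 1


if __name__ == "__main__":
    prng = HashChainPRNG(normalize_seed(collect_seed_material()))
    print("dice:", [prng.roll_die() for _ in range(10)])
    print("key material:", prng.random_bytes(16).hex())
```

Because the state is only ever advanced by hashing, an attacker who learns one state block can compute every later output; a production generator would also reseed periodically from the collector.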

------------------------------

From: "hapticz" <[EMAIL PROTECTED]>
Subject: Scramdisk/DATMAN
Date: Mon, 1 Mar 1999 08:03:21 -0500

this combination apparently does not function well.  it appears to set the
.svl file to zero bytes on the datman tape. entire file was unretrievable
and inaccessible.

--
best regards
[EMAIL PROTECTED]





------------------------------

From: [EMAIL PROTECTED] (Aman)
Crossposted-To: comp.security.pgp.discuss,alt.security.pgp
Subject: Re: Scramdisk lockups, more test data
Date: Sun, 07 Mar 1999 11:35:44 GMT

On Sun, 07 Mar 1999 02:44:02 GMT, [EMAIL PROTECTED] (Jeff Millar)
wrote:

>I booted W98 into safe mode to try scramdisk in a simpler environment.
>The mount command worked to the extent that one of the folders changed
>its icon...I've not gotten that far before.  But, at the first click
>on the folder, the machine locked up hard.
>
>looking for ideas....
>

Are you using Scramdisk version 2.02G?

Have you installed freeware ENHANCED IDE drivers on your machine?
There have been reported instances of very rare problems with these...

Aman.


------------------------------

From: [EMAIL PROTECTED] (Aman)
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss
Subject: Re: Scramdisk - paranoia
Date: Sun, 07 Mar 1999 11:43:15 GMT

On 5 Mar 1999 04:15:07 -0000, HyperReal-Anon
<[EMAIL PROTECTED]> wrote:

>On Thu, 4 Mar 1999 11:23:50 -0000 "Sam Simpson"
><[EMAIL PROTECTED]>  wrote:
>
>>-----BEGIN PGP SIGNED MESSAGE-----
>>Hash: SHA1
>>
>>Sorcerer,
>>
>>Sure.  I wasn't trying to imply that it was bug free (we are well
>>aware that it isn't <g>), but it is very certainly an improvement
>>over previous versions.
>>
>>I'm concerned about your reports of problems (I suspect a SW
>>config).  Out of interest what HW are you running on?
>
>Intel P133, with Zip and Jaz and two printers and a scanner and
>realaudio and PGP 6 and clipmate etc. etc.  I've tried shutting things
>down, but haven't tracked the conflict down yet.  Next time it happens,
>I'll reboot into safe mode to test it.
>
>My laptop doesn't seem to have the problem.  And it doesn't always
>happen (it didn't this evening) on the desktop.
>If I can figure it out, I'll certainly let you know.
>
>The program that makes Scramdisk think that there are files open (there
>aren't) is TabWorks, which seems to try to keep disk directories
>updated.
>Shutting down Tabworks prevents the shutdown problem.

Tabworks will have kept some file open, until it is told to quit...
It only needs one you know... If it opens a config file for example,
and relies on windows to close it, when the app is terminated, the
objection will be made, if you brutally remove the disk....

>
>>We would like to tie this problem down to a specific piece of
>>software if possible, but that may mean disabling / uninstalling
>>your system piece by piece :-(
>
>Within limits, I'm already trying that.  But Windoze Plug'n'Play being
>what it is, I'm reluctant to remove devices.  As I say, the problem is
>not consistent, and I'll certainly let you know if I figure it out.

If there are hardware drivers involved, you can usually disable them,
in particular hardware profiles, even if there is just one.
This will have the effect of rendering the driver dormant, for testing
purposes without uninstalling it..


There has been much call for the source code for version g, but I am
thinking of releasing a version H soon, which will have the option to
disable the shutdown checks for those who never had trouble before..
I have had a lot of people complaining about it!


This would be especially useful for Win98 users with Fast shutdown..

I am currently also looking into a few _very rare_ instances of
problems with third party enhanced IDE drivers...

Regards,
Aman.


>
>And I want to reassure you that I still think that Scramdisk is a great
>contribution to PC security.  I wouldn't be without it.
>>
>>
>>Regards,
>>
>>- --
>>Sam Simpson
>>Comms Analyst
>>http://www.scramdisk.clara.net/ for ScramDisk hard-drive
>>encryption & Delphi Crypto Components.  PGP Keys available at the
>>same site.
>>If you're wondering why I don't reply to Sternlight, it's because
>>he's kill filed.  See http://www.openpgp.net/FUD for why!
>>
>>
>>Sorcerer wrote in message
>><[EMAIL PROTECTED]>...
>>>On Wed, 3 Mar 1999 12:52:24 -0000 "Sam Simpson"
>>><[EMAIL PROTECTED]>  wrote:
>>>
>>>>-----BEGIN PGP SIGNED MESSAGE-----
>>>>Hash: SHA1
>>>>
>>>>(Crossposted to c.s.p.d & a.s.p because they may be
>>>>interested....)
>>>>
>>>>I do have to agree.... It is worth some thought.
>>>>
>>>>Lets look at some of your individual points:
>>>>
>>>>1) Source code for 2.02g.  As mentioned in the recent ScramDisk
>>>>"news letter": (copy available at
>>>>http://www.scramdisk.clara.net/other/newslet1.txt)
>>>>
>>>>"v2.02g
>>>>======
>>>>
>>>>Seems very stable.  Since the 17th of November 1998 we have had
>>>>very few reports of problems.  There appears to be some conflict
>>>>between the Red Screen mode and certain specific ATI drivers.
>>>>
>>>Well, I do have one.  it's not serious enough to make me switch, but it
>>>can be irritating:  occasionally, when I first start Scramdisk, I get a
>>>full reboot, all the way to the BIOS.  Retrying it gets me a 0E
>>>bluescreen error  with no reboot a few times; another reboot, and
>>>everything works fine.  I do have lots of stuff, including
>>>Norton, Realaudio, F-Prot and clipmate running; haven't figured out if
>>>any of those are causing it.  But they don't on the third or fourth
>>>reboot.
>>>
>>>And the only way I can dismount disks is via brutal, which causes a
>>>blue error screen.
>>>
>>>I can live with it, but it's not perfect (yet).



------------------------------

From: Bryan Olson <[EMAIL PROTECTED]>
Subject: Re: Entropy and Crypto-Grade Randomness
Date: Sun, 07 Mar 1999 04:22:38 -0800



R. Knauer asked:
> Here are a few questions about Shannon entropy and crypto-grade
> randomness:
> 
> What is the entropy of Champernonwe's number (base 10)?  Does the
> entropy of that number make it a good choice for a TRNG?

Entropy is a property of probability distributions and the events
in them.  If the probability of using a specific number is one, 
then the entropy is zero and it's not suitable as a TRNG.

> What is the entropy of pi? Does the entropy of that number make it a
> good choice for a TRNG?

As above.

> Does entropy measure correlation? If not, why is it of any real value
> to crypto?

Sort of.  "Mutual information" is closely related to correlation.
The mutual information of two events (or random variables) is 0 if
and only if they are independent.  The mutual information of two
random variables is equal to their joint entropy if and only if 
each uniquely determines the other.

> What does entropy have to do with true randomness?

Entropy gives a precise definition to the intuitive notion of 
true randomness.

> Is maximal entropy
> both a necessary and sufficient condition for true randomness?

That depends on what one means by "true randomness".

--Bryan
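
The three statements above (entropy is zero for an event of probability one; mutual information is zero iff the variables are independent; it equals the joint entropy iff each variable determines the other) worked through numerically, as an added Python example that is not from the post. The distributions are constructed for illustration and the formula I(X;Y) = H(X) + H(Y) - H(X,Y) is used throughout.

```python
from collections import Counter
from math import log2


def entropy(dist: dict) -> float:
    """Shannon entropy in bits of a distribution {outcome: probability}."""
    return -sum(p * log2(p) for p in dist.values() if p > 0)


def marginals(joint: dict):
    """Marginal distributions of X and Y from a joint {(x, y): probability}."""
    px, py = Counter(), Counter()
    for (x, y), p in joint.items():
        px[x] += p
        py[y] += p
    return dict(px), dict(py)


def mutual_information(joint: dict) -> float:
    """I(X;Y) = H(X) + H(Y) - H(X,Y); zero iff X and Y are independent."""
    px, py = marginals(joint)
    return entropy(px) + entropy(py) - entropy(joint)


def uniform_over(pairs) -> dict:
    """Joint distribution putting equal weight on each listed (x, y) pair."""
    return {pair: 1 / len(pairs) for pair in pairs}


# Constructed cases for the statements in the post.
# One specific number used with probability one: H = 0, nothing is drawn.
FIXED_CHOICE = {"champernowne": 1.0}
# Two independent fair bits: I(X;Y) = 0 although H(X,Y) = 2 bits.
INDEPENDENT = uniform_over([(x, y) for x in (0, 1) for y in (0, 1)])
# Y is a copy of X: each determines the other, so I(X;Y) = H(X,Y) = 1 bit.
MUTUALLY_DETERMINED = uniform_over([(0, 0), (1, 1)])
# X uniform on 0..3 and Y = X mod 2: Y is determined by X but not the
# reverse, so I(X;Y) = H(Y) = 1 bit, strictly below H(X,Y) = 2 bits.
ONE_WAY = uniform_over([(x, x % 2) for x in range(4)])


if __name__ == "__main__":
    print("fixed choice: H =", entropy(FIXED_CHOICE))
    for name, joint in [("independent", INDEPENDENT),
                        ("mutually determined", MUTUALLY_DETERMINED),
                        ("one-way determined", ONE_WAY)]:
        print(f"{name:20s} H(X,Y)={entropy(joint):.3f}  "
              f"I(X;Y)={mutual_information(joint):.3f}")
```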

------------------------------

From: "Terry  Mechan" <[EMAIL PROTECTED]>
Subject: Encryption for windows
Date: Sun, 28 Feb 1999 11:35:01 +0700

A powerful encryption programme for windows files and folders can be
downloaded from

http://www.tmechan.freeserve.co.uk/

European in design, construction and patent, it is not subject to any export
restrictions.

IDEA operates on 64-bit data blocks using a 128-bit key. To date, no method
of cracking IDEA faster than exhaustive key search (brute force) has been
discovered.

As an example of IDEA's strength, imagine an incredibly fast computer that
can brute force a 56-bit DES key in 1 second. This computer would take up to
194 days to crack an 80-bit key, like the one used by the NSA Skipjack
cipher, and up to 149745258842898 years to crack a 128-bit IDEA key.


Regards

TJM



------------------------------

From: [EMAIL PROTECTED]
Subject: Has anyone given easy-to-understand descriptions of encryption methods?
Date: Sun, 07 Mar 1999 11:20:24 GMT

Dear Cryptologers,

I've been searching the Web and Usenet for some time, but I have not found
what I've been looking for--a detailed description of encryption methods in
language that I can understand.  It would be nice to read a description of a
particular algorithm, say blowfish, broken down into steps and described in
terms understandable to people who don't already know the jargon of
cryptography or advanced mathematics.  I'm particularly confused by P-arrays
and S-boxes.

Please don't refer me to the FAQ.  I've looked at it, and it confuses me as
much as everything else.  I'm looking for something easier, and I'd
appreciate all the help I can get.

Pharamond


------------------------------

From: [EMAIL PROTECTED]
Crossposted-To: 
comp.os.ms-windows.programmer.nt.kernel-mode,comp.os.ms-windows.programmer.win32
Subject: Announcing 2nd version of Caveo - free transparent disk encryption
Date: Sun, 07 Mar 1999 13:55:11 GMT

What's new in this version:

* There is now full support for removable drives, including CDROM, floppy,
Zip,  SuperDisk and others.

* Complete support for SFS volumes, both read and write + create.

* Support for Raw partitions on either hard disk or floppy.

* A recently used list has been added to the format and mount GUIs. This
means that the last 8 volumes that had been mounted or formatted are
available to you automatically, without you needing to retype their names.

Available from www.skygate.co.uk/caveo/caveo.html


------------------------------

From: Henry Lewsal <[EMAIL PROTECTED]>
Subject: Re: Has anyone given easy-to-understand descriptions of encryption methods?
Date: Sun, 07 Mar 1999 06:17:46 -1000

[EMAIL PROTECTED] wrote:

Has anyone given easy-to-understand descriptions of encryption methods?


One answer:

No. It is not easy to understand. It is difficult to understand.
It takes time and attention to read the papers. A student 
can go back to more basic studies to get the needed knowledge.

You can do background reading about logic gates like exclusive-or.
Please read about computer memory types. There are read-only memories
which can be used for cryptography. Also, random access memory is
used. Adders should be understood as an early step. Learn how
to write simple computer programs using boolean logic.

After you know some basics, the cryptographic tutorials will be
more easily understandable. If you concentrate on the work for
many hours, then you can someday understand it.

------------------------------

From: [EMAIL PROTECTED] (KloroX)
Subject: Re: Client-server encryption key negotiation...?
Date: Sun, 07 Mar 1999 15:06:48 GMT
Reply-To: [EMAIL PROTECTED] (this is spam bait)

On Sun, 07 Mar 1999 07:27:25 GMT, [EMAIL PROTECTED] (Paul Pedriana)
wrote:

>Say you have a client and server on a network and they 
>want to start a secure communication between each other.
>It makes sense to me that the client and server can 
>communicate with encrypted data to prevent others from 
>reading the communications. 
>
>The problem is that the client and server need to set 
>up a key to use for encryption/decryption. How can they
>agree on a key in a secure way. It seems that if the 
>server merely sends the key, a packet sniffer can 
>easily obtain it.
>
>How do you do this kind of client server secure communications?
>
>Paul

Easy. You use a public key algorithm to exchange the secret key. Next
comes the problem of foiling man-in-the-middle attacks, which is not
as trivial. The only practical way is to use some sort of
authentication certificate, and this means the certificate must be
given to the client in a reasonably secure way.

------------------------------

From: [EMAIL PROTECTED] (Howard Goldstein)
Date: Sun, 07 Mar 1999 15:30:55 GMT
Subject: Re: Doing It Right: The Next Chip Controversy
Reply-To: [EMAIL PROTECTED]

On Thu, 4 Mar 1999 06:44:07 -0500, Jay <[EMAIL PROTECTED]> wrote:
 : There is a product (I can't remember the name) that has a securing ID in a
 : sealed coinlike device. 

Dallas Semiconductor makes (made?) a product and matching socket sort
of fitting with this description.  A button-like device with a 2 wire
protocol that sent a serial number laser burned into the "button" down
the link.  Don't recall it as having been secured in any way...

-- 
The ants are my friends, they're blowing in the wind

------------------------------

From: [EMAIL PROTECTED] (David Hamilton)
Crossposted-To: alt.security.pgp
Subject: Re: Learning crypto
Date: Sun, 07 Mar 1999 16:25:10 GMT

=====BEGIN PGP SIGNED MESSAGE=====

"Madelyn E Barron" <[EMAIL PROTECTED]> wrote:

>I am new to the field of cryptology, and I would like to learn more about
>it.  I have been programming in Delphi since it was released.  Any
>information on how I can learn more would be greatly appreciated.  Anything
>from books & papers, colleges and source codes.
>
>Thank you for your time.

Madelyn - If you're not excluding the internet as sources of information, try
the following web sites:

http://www.rsa.com                     - this contains a truly excellent FAQ.
http://www.io.com/~ritter              - Terry Ritter's site: good stuff.
http://axion.physics.ubc.ca/crypt.html - Bill Unruh's site: good stuff.
http://www.stack.nl/~galactus          - Galactus's site: excellent.
http://freenet.edmonton.ab.ca/~jsavard/index.html - John Savard's good site.
http://www.counterpane.com/            - the Bruce Schneier/Counterpane site.
http://www.cs.auckland.ac.nz/~pgut001/tutorial/ - Peter Gutmann's tutorial.

There is a very well known book called 'Applied Cryptography; Protocols,
Algorithms, and Source Code in C' by Bruce Schneier (this book is almost the
'Bible' of cryptography). You may not be interested in the C code (I wasn't!)
but the rest of the book might interest you ... and there are hundreds of
references to other sources.

One danger you face is the vast quantity of material available. Check out the
free ones first using the internet, libraries, bookshops etc in order to see
if you find a particular source interesting.

And, when it comes to cryptography programs, the most famous is PGP; you
might want to try it out. (It's free for personal use.) 

Good luck and enjoy yourself.


David Hamilton.  Only I give the right to read what I write and PGP allows me
                           to make that choice. Use PGP now.
I have revoked 2048 bit RSA key ID 0x40F703B9. Please do not use. Do use:-
2048bit rsa ID=0xFA412179  Fp=08DE A9CB D8D8 B282 FA14 58F6 69CE D32D
4096bit dh ID=0xA07AEA5E Fp=28BA 9E4C CA47 09C3 7B8A CE14 36F3 3560 A07A EA5E
Both keys dated 1998/04/08 with sole UserID=<[EMAIL PROTECTED]>

------------------------------

From: [EMAIL PROTECTED] (Herman Rubin)
Subject: Re: New Concepts on Pseudorandomness
Date: 7 Mar 1999 10:33:19 -0500

In article <[EMAIL PROTECTED]>,
Michael Sierchio  <[EMAIL PROTECTED]> wrote:
>Herman Rubin wrote:

>> This is not of much use for most of the generators.  There are some
>> quite simple ones with seeds on the order of 40,000 bits.  But even
>> a seed of 50 bits can give an adequate cycle length.  In practice,
>> it is not cycle length which is the problem.

>Cycle length isn't a problem for a statistician,  but is a concern
>for a PRNG-based stream cipher, for example.

A cycle length of 2^50 is sufficiently large; it is larger than
10^15, and this is more than the number of bytes needed to produce
all the words in 10^7 volumes of a decent encyclopedia.  

BTW, there are statistical situations where more than this is
used.  But I doubt that one wants to encrypt that much.  It is
easy to get large cycle lengths, but this is not likely to be
the problem.
-- 
This address is for information only.  I do not claim that these views
are those of the Statistics Department or of Purdue University.
Herman Rubin, Dept. of Statistics, Purdue Univ., West Lafayette IN47907-1399
[EMAIL PROTECTED]         Phone: (765)494-6054   FAX: (765)494-0558

------------------------------

From: [EMAIL PROTECTED] (Bruce Schneier)
Subject: Re: Yarrow
Date: Sun, 07 Mar 1999 16:00:06 GMT

On Sun, 7 Mar 1999 02:01:27 -0000, "David Barton"
<[EMAIL PROTECTED]> wrote:

>Is there a paper on Yarrow describing it in detail other than the
>implementation available from Counterpane. I'm not a C programmer so I'm not
>too keen on trying to dissect C code to figure out how it works (the
>details).

We're putting the finishing touches on a paper; expect it on the
website in a week or so.

Bruce
**********************************************************************
Bruce Schneier, President, Counterpane Systems     Phone: 612-823-1098
101 E Minnehaha Parkway, Minneapolis, MN  55419      Fax: 612-823-1590
           Free crypto newsletter.  See:  http://www.counterpane.com

------------------------------

From: [EMAIL PROTECTED] (R. Knauer)
Subject: Re: Entropy and Crypto-Grade Randomness
Date: Sun, 07 Mar 1999 16:05:45 GMT
Reply-To: [EMAIL PROTECTED]

On Sat, 06 Mar 1999 23:00:08 GMT, "Douglas A. Gwyn" <[EMAIL PROTECTED]>
wrote:

>> What is the entropy of Champernonwe's number (base 10)?  Does the
>> entropy of that number make it a good choice for a TRNG?

>I never heard of Champernonwe, and a web search turned up no
>references.

Uh, that was a typo. It's considered gauche to pick on people over
typos on the Internet.

>Numbers don't have "entropy", so I suppose you're
>referring to the sequence of digits in its decimal expansion.

No, I meant what I said. It was a trick question, which you saw thru.
But it is by no means a universally appreciated distinction, since
many people still persist in the belief that you can test the
randomness of a TRNG by testing the statistical properties of its
output. Furthermore, those statistical tests generally only test one
property, namely bit bias. Champernowne's number in base 10 passes
those kinds of tests.

>If it is an interesting number, that would probably be infinite.

Champernowne's number is infinite. It is only normal in base ten when
it is infinite.

>A better measure would be the entropy per digit.

If you wanted to extend the concept of entropy to the number, then the
entropy would always be zero, since once you are given the number
there is only one way it can have the first digit, only one way it can
have the second digit, etc. - and therefore the log (p) would always
be zero for each digit  in the number.

>A number is not a RNG.  If you mean to take successive digits of the
>decimal expansion (or bits of the binary expansion), if the number's
>representation can be generated upon demand from some simple recipe,
>then it wouldn't be wise to base a cryptographic system on such a
>scheme.

For those who may not know what Champernowne's number is, it is a base
10 number that is normal in the Borel sense, that is, each digit group
is equally represented. All 1- digit groups occur with 1/10 frequency,
all 2-digit groups occur with 1/100 frequency, etc. Champernowne's
number is simply the concatenation of ascending digits:

0.123456789101112... 99100101...

>> What is the entropy of pi? Does the entropy of that number make it a
>> good choice for a TRNG?

>Similar comments, with the added problem that pi is one of the first
>numbers one would think of, so it is too easy to guess.

Not only that, because it is computable from a rather simple
expansion, it would probably fail many cryptanalytic attacks.

>> Does entropy measure correlation? If not, why is it of any real value
>> to crypto?

>One can define a "cross-entropy" that to some extent measures
>correlation.

Yeah, but what good does it do?

>Who says that "entropy" is of any real value to crypto?

Hoo boy - are you gonna catch some crap for that one. There are people
on sci.crypt who swear by entropy as the most fundamental
consideration in any discussion of the randomness of a keystream.

And it is the byword in the new area called Quantum Information Theory
(QIT), aka the Physics of Information. Hardly a paper is written in
QIT that does not make reference to entropy. In fact they make
reference to at least three distinct types of entropy, Boltzmann
entropy, Shannon entropy and Kolmogorov-Chaitin entropy. There are
even formulas which relate those three entropies to one another.

>Certainly,
>the term is hardly ever used in technical writing within the official
>crypto community.

It is used around here a lot.

>Ditto for "unicity".  A related notion,
>"information", has much more use in practice.

That's just semantics. Most people in crypto know what is meant by
Shannon entropy.

>> What does entropy have to do with true randomness? Is maximal entropy
>> both a necessary and sufficient condition for true randomness?

>Maximal with respect to what?

Hey, I'm asking the questions around here.

>What is "true randomness"?  Randomness is contextual, not absolute.

The uncomputable numbers are considered absolute random. The behavior
of quantum systems is considered absolute random. Chaitin's Omega is
considered absolute random. But that still does not capture the
essence of true randomness.

True randomness is a process which is capable of generating all
possible finite sequences equiprobably, namely in an independent and
equidistributed manner.

That means that the sequence 000...0 and the sequence 111...1 are both
true random sequences if they can be generated by a true random
process. That is why tests for bit bias are futile when applied to
individual sequences.

>I think this whole line of discussion has marginal relevance.

Marginal relevance to what - your favorite issues? I hate to tell you,
dude - but your favorite issues are not necessarily the same as other
people's favorite issues.

The concept of randomness goes to the very heart of quantum mechanics. In
fact, QIT itself is an attempt to get a handle on the absolute
randomness that is exhibited by quantum systems. Furthermore, the same
kind of randomness that is present in quantum physics is the kind
needed for secure crypto. 

So the issues here are hardly of marginal relevance, at least to
people who understand crypto.

Bob Knauer

============================================================================
"The smallest minority on earth is the individual. Those who deny individual
rights cannot claim to be defenders of minorities."
-- Ayn Rand
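
The two points made about Champernowne's number above, as an added Python example that is not from the post: the digit-group frequencies of 0.123456789101112... come out close to uniform, so a bias test and a naive entropy-per-digit estimate rate it like a good source, yet every digit is computable from its position alone, which is the sense in which the number carries zero entropy for anyone who knows the recipe. Group frequencies are measured over overlapping windows of a finite prefix, an assumption of this example.

```python
from collections import Counter
from math import log2


def champernowne_prefix(last_integer: int) -> str:
    """Digits after the decimal point of Champernowne's number, as far as
    the concatenation of 1..last_integer ('123456789101112...')."""
    return "".join(str(n) for n in range(1, last_integer + 1))


def champernowne_digit(index: int) -> int:
    """The digit at 0-based position `index`, computed directly from the
    recipe: locate the block of equal-length integers the position falls in,
    then the integer and the digit within it.  No search, no storage, and
    the same answer every time: that is why there is nothing to guess."""
    length, block_count, first = 1, 9, 1
    while index >= length * block_count:
        index -= length * block_count
        length += 1
        block_count *= 10
        first *= 10
    number = first + index // length
    return int(str(number)[index % length])


def group_frequencies(digits: str, k: int) -> dict:
    """Relative frequency of every k-digit group (overlapping windows)."""
    windows = Counter(digits[i:i + k] for i in range(len(digits) - k + 1))
    total = sum(windows.values())
    return {g: c / total for g, c in windows.items()}


def max_deviation_from_uniform(freqs: dict, k: int) -> float:
    """Largest |observed - 10^-k| over the k-digit groups: the kind of bias
    test the post says Champernowne's number passes."""
    return max(abs(p - 10 ** -k) for p in freqs.values())


def entropy_per_digit(freqs: dict, k: int) -> float:
    """Shannon entropy in bits per digit estimated from group frequencies;
    log2(10) = 3.32 is what a perfectly uniform digit source would give."""
    return -sum(p * log2(p) for p in freqs.values()) / k


if __name__ == "__main__":
    digits = champernowne_prefix(99999)          # all 1- to 5-digit integers
    f1 = group_frequencies(digits, 1)
    print("digits examined:", len(digits))
    print("max single-digit bias:", round(max_deviation_from_uniform(f1, 1), 4))
    print("apparent entropy/digit:", round(entropy_per_digit(f1, 1), 3),
          "of", round(log2(10), 3))
    print("2-digit groups seen:", len(group_frequencies(digits, 2)))
    # ...and yet position alone determines each digit exactly:
    print("first 15 digits by recipe:", [champernowne_digit(i) for i in range(15)])
```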

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
