Matt Crawford wrote:

I so often get irritated when non-physicists discuss entropy. The wordis almost always misused.

Yes, the term "entropy" is often misused ... and we have seen some remarkably wacky misusage in this thread already. However, physicists do not have a monopoly on correct usage. Claude S was not a physicist, yet he definitely knew what he was talking about. Conversely, I know more than a few card-carrying physicists who have no real feel for what entropy is.

I looked at Shannon's definition and it isfine, from a physics point of view.

Indeed.

But if you apply thoughtfully to asingle fixed sequence, you correctly get the answer zero.

I agree with all that, except for the "But". Shannon well knew that the entropy was zero in such a situation.

If your sequence is defined to be { 0, 1, 2, ..., 255 }, theprobability of getting that sequence is 1 and of any other sequence,0. Plug it in.

Indeed.

If you have a generator of 8-bit random numbers and every sample isindependent and uniformly distributed, and you ran this for a gazillioniterations and wrote to the list one day saying the special sequence {0, 1, 2, ..., 255 } had appeared in the output, that's a differentstory. But still, we would talk about the entropy of your generator,not of one particular sequence of outputs.

Yes. Shannon called it the "source entropy", i.e. the entropy of the source, i.e. the entropy of the generator. Perry Metzger wrote:

Usually, the best you can do is produce (bad) bounds, and sometimes not even that.

Huh? What's your metric for "usually"? I'll agree as a matter of principle that whatever you're doing, you can always do it wrong. But that doesn't prevent me from doing it right. I can use physics to produce good bounds, that is, http://www.av8n.com/turbid/ ======================= The problem posed by the OP is trivial, and good solutions have already been posted. To recap: SHA-512 exists, and if that isn't good enough, you can concatenate the output of several different one-way functions. You can create new hash functions at the drop of a hat by prepending something (a counter suffices) to the input to the hash. Example: result = hash(1 || pw) || hash(2 || pw) || hash(3 || pw) --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]