Matt Crawford wrote:

I so often get irritated when non-physicists discuss entropy. The word is almost always misused.

Yes, the term "entropy" is often misused ... and we have seen some
remarkably wacky misusage in this thread already.  However, physicists
do not have a monopoly on correct usage.  Claude S was not a physicist,
yet he definitely knew what he was talking about.  Conversely, I know
more than a few card-carrying physicists who have no real feel for what
entropy is.

I looked at Shannon's definition and it is fine, from a physics point of view.


But if you apply thoughtfully to a single fixed sequence, you correctly get the answer zero.

I agree with all that, except for the "But".  Shannon well knew that
the entropy was zero in such a situation.

If your sequence is defined to be { 0, 1, 2, ..., 255 }, the probability of getting that sequence is 1 and of any other sequence, 0. Plug it in.


If you have a generator of 8-bit random numbers and every sample is independent and uniformly distributed, and you ran this for a gazillion iterations and wrote to the list one day saying the special sequence { 0, 1, 2, ..., 255 } had appeared in the output, that's a different story. But still, we would talk about the entropy of your generator, not of one particular sequence of outputs.

Yes.  Shannon called it the "source entropy", i.e. the entropy of
the source, i.e. the entropy of the generator.

Perry Metzger wrote:

Usually, the best you can do is produce (bad) bounds, and sometimes
not even that.

Huh?  What's your metric for "usually"?  I'll agree as a matter of
principle that whatever you're doing, you can always do it wrong.
But that doesn't prevent me from doing it right.  I can use physics
to produce good bounds, that is,


The problem posed by the OP is trivial, and good solutions have already
been posted.  To recap: SHA-512 exists, and if that isn't good enough,
you can concatenate the output of several different one-way functions.
You can create new hash functions at the drop of a hat by prepending
something (a counter suffices) to the input to the hash.

Example:  result = hash(1 || pw)  ||  hash(2 || pw)  ||  hash(3 || pw)

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to