Aram Perez <[EMAIL PROTECTED]> wrote:

> So, if you folks care to educate me, I have several questions related
> to entropy and information security (apologies to any physicists):
I'll answer the easier questions. I'll leave the harder ones for someone
with a better grounding in information theory.

> * What is the relationship between randomness and entropy?

Roughly, they both measure unpredictability. Something that is hard
to predict is random, or has high entropy. There are mathematical
formulations that make this a lot more precise, but that's the basic

> * Does processing an 8 character password with a process similar to
> PKCS#5 increase the entropy of the password?

Absolutely not!

At best, you preserve the original entropy, just distributing it
differently. If you get the processing wrong, you can reduce or
even entirely destroy it, but no amount of any kind of processing
can increase it.

> * Can you add or increase entropy?
You can add more entropy, either from another source or more
from the same source. That is the only way to increase it.

Sandy Harris
Zhuhai, Guangdong, China

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to