| Min-entropy of a probability distribution is 
| 
| -lg ( P[max] ), 
| 
| minus the base-two log of the maximum probability.  
| 
| The nice thing about min-entropy in the PRNG world is that it leads to
| a really clean relationship between how many bits of entropy we need
| to seed the PRNG, and how many bits of security (in terms of
| resistance to brute force guessing attack) we can get.
Interesting; I hadn't seen this definition before.  It's related to a
concept in traditional probability theory:  The probability of ruin.  If
I play some kind of gambling game, the usual analysis looks at "the
value of the game" strictly as my long-term expectation value.  If,
however, I have finite resources, it may be that I lose all of them
before I get to play long enough to make "long-term" a useful notion.
The current TV game show , Deal Or No Deal, is based on this:  I've yet
to see a banker's offer that equals, much less exceeds, the expected
value of the board.  However, given a player's finite resources - they
only get to play one game - the offers eventually become worth taking,
since the alternative is that you walk away with very little.  (For
that matter, insurance makes sense only because of this kind of
analysis:  The long-term expectation value of buying insurance *must*
be negative, or the insurance companies would go out of business -
but insurance can still be worth buying.)
                                                        -- Jerry

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to