| On Wed, Nov 08, 2006 at 05:58:41PM -0500, Leichter, Jerry wrote:
| > Sorry, that doesn't make any sense.  If your HWRNG leaks 64 bits,
| > you might as well assume it leaks 256.  When it comes to leaks of
| > this sort, the only interesting numbers are "0" and "all".
| Nonsense. I can cite numerous examples of such happening in real life.
| [Miscellaneous examples elided]
OK, so what argument will you make that, given one of these "leaky",
partially predictable, generators, 128 bits are "too few" but by some
magic 256 are "enough"?  If they really are "enough", why not generate
256 bits and mash them together into 128?

| > Such calculations are nonsense.  Moore's Law stops working at some
| > point, as you start to run out of electrons to run through all your
| > gates.  2^128 isn't just out of our current range; it's out of range
| > of any technology we have any inkling of today.
| The death of Moore's law, like the end of the world, has been
| predicted many times, with the same result.
Funny thing about exponential curves in the real world:  They stop
being exponential eventually.
                                                        -- Jerry

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to