>Assume for a moment that we have a random number generator which is >non-uniform, and we are using it to generate a key. > >What I'd like to do is characterize the work factor involved in >brute-force search of the key space, assuming that the adversary >has knowledge of the characteristics of the random number generator?

You may want to use the guessing entropy. I've written about it before here: http://www.cs.berkeley.edu/~daw/my-posts/entropy-measures Christian Cachin's thesis is a wonderful introduction to entropy measures, including the guessing entropy. By the way, I'll make the obvious recommendation: Try to avoid using a non-uniform random number generator to generate a cryptographic key, if you can. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com