On Tue, 7 Sep 2010 22:22:57 -0400 Jerry Leichter <[email protected]> wrote:

> On Sep 6, 2010, at 10:49 PM, John Denker wrote:
> > It's easy to pin down. If it's unpredictable to the attacker,
> > it's unpredictable enough for all practical purposes.
> I was talking about mathematical, even philosophical, underpinnings
> - not "practical purposes".
>
> In any case, even if you are concerned with practice, the
> statement that something is "unpredictable to the attacker" sounds
> suspect. After all, most junk cryptographic arguments claim that
> some algorithm is "not reversible by the attacker". One should
> really expect more.
Actually, I've seen a significant number of proofs in the crypto world that amount to "show that the attacker cannot distinguish these bits from a set of random bits with probability better than uninformed guessing".

It appears to be reasonable to think that if the attacker cannot distinguish a stream from a "true" random stream, or cannot predict the next bit with better probability than chance, the attacker has no handle on which to base an attack.

I would invite people who are more versed on this topic to chime in.

Perry

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [email protected]
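The "cannot predict the next bit better than chance" criterion that Perry describes can be made concrete as a next-bit test: train a predictor on the first half of a bit stream and measure its accuracy on the second half. The following is an added illustration, not code from the thread; the LCG parameters and the keyed-SHA-256 stand-in for a good generator are constructed for the demo.

```python
"""Next-bit test as a concrete distinguisher (added illustration, not from the thread)."""
import hashlib
from collections import defaultdict


def lcg_low_bits(seed, n, a=1103515245, c=12345, m=2**31):
    """Lowest bit of a power-of-two-modulus LCG (constructed example).
    Full-period LCG => the low bit has period 2, so the stream is 'random-looking'
    by eye yet completely predictable."""
    out, x = [], seed
    for _ in range(n):
        x = (a * x + c) % m
        out.append(x & 1)
    return out


def keyed_hash_bits(key, n):
    """Stand-in for a good generator (assumption for the demo): one bit per
    SHA-256(key || counter) output. No simple predictor should beat 50% here."""
    out = []
    for i in range(n):
        h = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.append(h[0] & 1)
    return out


def next_bit_predictor_accuracy(bits, k=4):
    """Learn P(next bit | previous k bits) by majority vote on the first half,
    then guess each bit of the second half. Returns the fraction guessed right;
    0.5 means the predictor has no handle on the stream."""
    half = len(bits) // 2
    table = defaultdict(lambda: [0, 0])
    for i in range(k, half):
        table[tuple(bits[i - k:i])][bits[i]] += 1
    correct = total = 0
    for i in range(half + k, len(bits)):
        zeros, ones = table[tuple(bits[i - k:i])]
        guess = 1 if ones > zeros else 0      # ties and unseen contexts guess 0
        correct += (guess == bits[i])
        total += 1
    return correct / total


def advantage(bits, k=4):
    """Distance from chance: 0 for an unpredictable stream, 0.5 for a fully predictable one."""
    return abs(next_bit_predictor_accuracy(bits, k) - 0.5)
```

Yao's equivalence result says that passing every efficient next-bit test is the same as being indistinguishable from uniform random bits, which is why the two phrasings in the thread coincide; the predictor above is only one simple test, so a low advantage here rules out that predictor, not all of them.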
