On May 27, 2015, at 5:14 AM, Krisztián Pintér <[email protected]> wrote:
> by definition, entropy is anything the attacker does not know.

No, entropy is anything about your own physical situation that *you* don’t know. That may or may not be something your attacker also doesn’t know. This is the fundamental reason randomness is hard. You want the second thing, but all you can guarantee is the first unless you have a *complete* model of the physical system generating your data (i.e. thermal or quantum noise, no tampering by the attacker, no side channels, etc. etc.).

And this is the fundamental problem with Enrada: just because you and I and Russell Leidich don’t know how to predict the behavior of a modern CPU doesn’t mean the NSA doesn’t.

rg
