On Wed, Nov 14, 2001 at 10:59:57AM -0800, Michael Sierchio wrote: > Lutz Jaenicke wrote: > > > The entropy parameter should tell, how much "uncertainty" is in the > > data provided. > > > If we choose a value of 0, we mean that there may be entropy in it, but > > maybe an attacker can predict the value, so we use it but do not count > > it as a really unpredictable input. > > So, if we know the entropy per character (byte) what's the correct > formula for deriving the correct value for the entropy parameter?
If the entropy is 10% (compress ration 1:10), the parameter is "number of bytes * 10%". Please note again, that the compression ration is just the condensed amount of information in the message. If we don't know the message, it is more or less equivalent to the entropy (unpredictability) in it. If the message is known, the entropy (from the cryptographic point of view) is zero! It is therefore a difficult decision to finally estimate the entropy coming from the source with the compressed size being kind of an upper bound. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/ Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129 Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153 ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]