On Tue, May 01, 2018 at 06:09:13AM +0200, Richard Levitte wrote: > In message <[email protected]> on Mon, 30 Apr 2018 18:22:09 > +0200, Kurt Roeckx <[email protected]> said: > > kurt> On Mon, Apr 30, 2018 at 06:00:20PM +0200, Richard Levitte wrote: > kurt> > > kurt> > So I'd like to have it confirmed that I'm reading this right, that's > kurt> > about 0.08 entropy bits per 8 data bits? Or is it per data bit? > kurt> > kurt> Per symbol, being 8 bits for what you provided. > kurt> > kurt> > Depending on the interpretation, we either have 1 bit of entropy per > kurt> > 12 data bits... or per 100 data bits... The latter has my heart > kurt> > sinking... > kurt> > kurt> It's per 100 bits, and that's really still an overestimate. One > kurt> of the models they used was able to predict it that well. > > That well? I'm not sure I understand, the final min-entropy value is > the *lowest* of all different estimates. Also, I'm not sure what > makes you say it's an overestimate... are you simply speculating?
Those are all just tests to see how easy it is to predict the next value, but that really don't know anything about the data. It might be possible to generate a better predictor, one that has an even lower min-entropy value. That is why you should not rely on the tool to give you a good min-entropy value, it just shows that the maximum of the real value is the minimum reported by the tool. If you actually follow SP800-90B, you should make a theoretical model of how much entropy you expect, and then use the tool to verify that your model is correct. Kurt _______________________________________________ openssl-project mailing list [email protected] https://mta.openssl.org/mailman/listinfo/openssl-project
