Von Neumann counseled Shannon to call it entropy because "no one
really knows what entropy is". ;-)
I wanted to say that it's inherently problematic to use things like the
"randomness" in the interarrival time of events like interrupts, etc.
to "gather" "entropy" -- Ted has touched on this with his comment on
solid state disk drives, etc.
A bit stream may have 1 bit of entropy per bit of message (i.e. an
entropy of 1), and therefore be incompressible -- perhaps what Schwartz
thinks he means when he says "truly random" -- and be entirely predictable.
We want nicely-distributed "random" numbers without apparent bias,
with an apparent entropy of one, so that 10 bits of key material
is really 10 bits of key; what makes such numbers cryptographically
useful is that no amount of collected material enables us to
predict bits anywhere else in the stream (past or future, if viewed
temporally).
I have given Herr Schwartz enough of my grossmutterlich Freundlichkeit
for one day. Ppppt.
- M
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]