Re: Entropy Definition (was Re: passphrases with more than 160 bits of entropy)

2006-03-23 Thread John Denker
Aram Perez wrote: * How do you measure entropy? I was under the (false) impression that Shannon gave a formula that measured the entropy of a message (or information stream). Entropy is defined in terms of probability. It is a measure of how much you don't know about the situation. If by

Re: Entropy Definition (was Re: passphrases with more than 160 bits of entropy)

2006-03-23 Thread Jack Lloyd
On Wed, Mar 22, 2006 at 03:29:07PM -0800, Aram Perez wrote: * How do you measure entropy? I was under the (false) impression that Shannon gave a formula that measured the entropy of a message (or information stream). He did give a formula for the entropy of a source; however the

Re: Entropy Definition (was Re: passphrases with more than 160 bits of entropy)

2006-03-23 Thread Sandy Harris
Aram Perez [EMAIL PROTECTED] wrote: So, if you folks care to educate me, I have several questions related to entropy and information security (apologies to any physicists): I'll answer the easier questions. I'll leave the harder ones for someone with a better grounding in information theory.

Re: Linux RNG paper

2006-03-23 Thread Travis H.
I have examined the LRNG paper and have a few comments. CC'd to the authors so mind the followups. 1) In the paper, he mentions that the state file could be altered by an attacker, and then he'd know the state when it first came up. Of course, if he could do that, he could simply install a

Re: Greek officials were tapped using law enforcement back door

2006-03-23 Thread Adam Fields
On Thu, Mar 23, 2006 at 09:30:30AM -0500, Perry E. Metzger wrote: A while ago, you may recall that members of the Greek government were wiretapped, and at the time, I speculated that the bad guys may have abused the built in CALEA software in the switch to do it. Well, it now appears that that

Re: Entropy Definition (was Re: passphrases with more than 160 bits of entropy)

2006-03-23 Thread John Kelsey
From: Jack Lloyd [EMAIL PROTECTED] Sent: Mar 22, 2006 11:30 PM To: cryptography@metzdowd.com Subject: Re: Entropy Definition (was Re: passphrases with more than 160 bits of entropy) ... As an aside, this whole discussion is confused by the fact that there are a bunch of different domains in

Re: Greek officials were tapped using law enforcement back door

2006-03-23 Thread Nikos Mavrogiannopoulos
On Thu 23 Mar 2006 15:30, Perry E. Metzger wrote: A while ago, you may recall that members of the Greek government were wiretapped, and at the time, I speculated that the bad guys may have abused the built in CALEA software in the switch to do it. Well, it now appears that that was precisely

Re: passphrases with more than 160 bits of entropy

2006-03-23 Thread Matt Crawford
On Mar 22, 2006, at 20:11, John Denker wrote: But if you apply thoughtfully to a single fixed sequence, you correctly get the answer zero. I agree with all that, except for the But. Shannon well knew that the entropy was zero in such a situation. Sure. The but was to someone who

Re: Creativity and security

2006-03-23 Thread Dave Korn
Olle Mulmo wrote: On Mar 20, 2006, at 21:51, [EMAIL PROTECTED] wrote: I was tearing up some old credit card receipts recently - after all these years, enough vendors continue to print full CC numbers on receipts that I'm hesitant to just toss them as is, though I doubt there are many

Re: Linux RNG paper

2006-03-23 Thread David Malone
On Thu, Mar 23, 2006 at 01:55:30AM -0600, Travis H. wrote: It's annoying that the random number generator code calls the unpredictable stuff entropy. It's unpredictability that we're concerned with, and Shannon entropy is just an upper bound on the predictability. Unpredictability cannot be

Re: Entropy Definition (was Re: passphrases with more than 160 bits of entropy)

2006-03-23 Thread John Denker
John Kelsey wrote: As an aside, this whole discussion is confused by the fact that there are a bunch of different domains in which entropy is defined. The algorithmic information theory sense of entropy (how long is the shortest program that produces this sequence?) is miles away from the

Re: Creativity and security

2006-03-23 Thread J. Bruce Fields
On Thu, Mar 23, 2006 at 08:15:50PM -, Dave Korn wrote: So what they've been doing at my local branch of Marks Spencer for the past few weeks is, at the end of the transaction after the (now always chip'n'pin-based) card reader finishes authorizing your transaction, the cashier at the

Re: Entropy Definition (was Re: passphrases with more than 160 bits of entropy)

2006-03-23 Thread Greg Rose
At 22:09 -0500 2006/03/22, John Denker wrote: Aram Perez wrote: * Can you add or increase entropy? Shuffling a deck of cards increases the entropy of the deck. As a minor nit, shuffling *in an unpredictable manner* adds entropy, because there is extra randomness being brought into the

Re: Entropy Definition (was Re: passphrases with more than 160 bits of entropy)

2006-03-23 Thread John Kelsey
From: John Denker [EMAIL PROTECTED] Sent: Mar 23, 2006 1:44 PM To: John Kelsey [EMAIL PROTECTED], cryptography@metzdowd.com Subject: Re: Entropy Definition (was Re: passphrases with more than 160 bits of entropy) ... With some slight fiddling to get the normalization right, 1/2 raised to the

Re: Creativity and security

2006-03-23 Thread brucee
Blanking out all but the last 4 digits is foolish. The last is a checksum and the first four are determined by the merchant. This greatly reduces the possibilities for the other 8 digits. I'd rather just Bank Name or even the first 4 digits. (I know that amex use only 15, even worse.) brucee

Re: Linux RNG paper

2006-03-23 Thread John Kelsey
From: David Malone [EMAIL PROTECTED] Sent: Mar 23, 2006 3:43 PM To: Travis H. [EMAIL PROTECTED] Cc: Heyman, Michael [EMAIL PROTECTED], cryptography@metzdowd.com, [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: Linux RNG paper ... One metric might be guessability (mean number of guesses

Re: Entropy Definition (was Re: passphrases with more than 160 bits of entropy)

2006-03-23 Thread John Denker
I wrote: With some slight fiddling to get the normalization right, 1/2 raised to the power of (program length) defines a probability measure. This may not be the probability you want, but it is a probability, and you can plug it into the entropy definition. John Kelsey wrote: No, this isn't

ECC Wit and Wisdom (Fwd)

2006-03-23 Thread Vin McLellan
Pithy wit and wisdom from New Zealand. lol. _Vin -Original Message- From: Peter Gutmann [EMAIL PROTECTED] Sent: Thursday, 23 March 2006 12:41 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: [Cfrg] Defining inter operable ECC keys in for IETF protocols Blumenthal, Uri [EMAIL

Re: Entropy Definition (was Re: passphrases with more than 160 bits of entropy)

2006-03-23 Thread Hal Finney
This is getting pretty far afield from cryptography but it is a topic I find very interesting so I can't resist jumping in. John Denker writes: OK, in a moment we will have gone through four plies of no-it-isn't yes-it-is no-it-isn't yes-it-is. Let's get serious. The axiomatic definition of