Aram Perez wrote:
* How do you measure entropy? I was under the (false) impression that
Shannon gave a formula that measured the entropy of a message (or
information stream).
Entropy is defined in terms of probability. It is a measure of
how much you don't know about the situation. If by
On Wed, Mar 22, 2006 at 03:29:07PM -0800, Aram Perez wrote:
* How do you measure entropy? I was under the (false) impression that
Shannon gave a formula that measured the entropy of a message (or
information stream).
He did give a formula for the entropy of a source; however the
Aram Perez [EMAIL PROTECTED] wrote:
So, if you folks care to educate me, I have several questions related
to entropy and information security (apologies to any physicists):
I'll answer the easier questions. I'll leave the harder ones for someone
with a better grounding in information theory.
I have examined the LRNG paper and have a few comments.
CC'd to the authors so mind the followups.
1) In the paper, he mentions that the state file could be altered by
an attacker, and then he'd know the state when it first came up. Of
course, if he could do that, he could simply install a
On Thu, Mar 23, 2006 at 09:30:30AM -0500, Perry E. Metzger wrote:
A while ago, you may recall that members of the Greek government were
wiretapped, and at the time, I speculated that the bad guys may have
abused the built in CALEA software in the switch to do it. Well, it
now appears that that
From: Jack Lloyd [EMAIL PROTECTED]
Sent: Mar 22, 2006 11:30 PM
To: cryptography@metzdowd.com
Subject: Re: Entropy Definition (was Re: passphrases with more than 160 bits
of entropy)
...
As an aside, this whole discussion is confused by the fact that there
are a bunch of different domains in
On Thu 23 Mar 2006 15:30, Perry E. Metzger wrote:
A while ago, you may recall that members of the Greek government were
wiretapped, and at the time, I speculated that the bad guys may have
abused the built in CALEA software in the switch to do it. Well, it
now appears that that was precisely
Olle Mulmo wrote:
On Mar 20, 2006, at 21:51, [EMAIL PROTECTED] wrote:
I was tearing up some old credit card receipts recently - after all
these years, enough vendors continue to print full CC numbers on
receipts that I'm hesitant to just toss them as is, though I doubt
there
are many
On Thu, Mar 23, 2006 at 01:55:30AM -0600, Travis H. wrote:
It's annoying that the random number generator code calls the
unpredictable stuff entropy. It's unpredictability that we're
concerned with, and Shannon entropy is just an upper bound on the
predictability. Unpredictability cannot be
John Kelsey wrote:
As an aside, this whole discussion is confused by the fact that there
are a bunch of different domains in which entropy is defined. The
algorithmic information theory sense of entropy (how long is the
shortest program that produces this sequence?) is miles away from the
On Thu, Mar 23, 2006 at 08:15:50PM -, Dave Korn wrote:
So what they've been doing at my local branch of Marks Spencer for the
past few weeks is, at the end of the transaction after the (now always
chip'n'pin-based) card reader finishes authorizing your transaction, the
cashier at the
At 22:09 -0500 2006/03/22, John Denker wrote:
Aram Perez wrote:
* Can you add or increase entropy?
Shuffling a deck of cards increases the entropy of the deck.
As a minor nit, shuffling *in an unpredictable manner* adds entropy,
because there is extra randomness being brought into the
From: John Denker [EMAIL PROTECTED]
Sent: Mar 23, 2006 1:44 PM
To: John Kelsey [EMAIL PROTECTED], cryptography@metzdowd.com
Subject: Re: Entropy Definition (was Re: passphrases with more than 160 bits
of entropy)
...
With some slight fiddling to get the normalization right, 1/2
raised to the
Blanking out all but the last 4 digits is foolish. The last is a checksum
and the first four are determined by the merchant. This greatly reduces
the possibilities for the other 8 digits. I'd rather just Bank Name or even
the first 4 digits. (I know that amex use only 15, even worse.)
brucee
From: David Malone [EMAIL PROTECTED]
Sent: Mar 23, 2006 3:43 PM
To: Travis H. [EMAIL PROTECTED]
Cc: Heyman, Michael [EMAIL PROTECTED], cryptography@metzdowd.com, [EMAIL
PROTECTED], [EMAIL PROTECTED]
Subject: Re: Linux RNG paper
...
One metric might be guessability (mean number of guesses
I wrote:
With some slight fiddling to get the normalization right, 1/2
raised to the power of (program length) defines a probability
measure. This may not be the probability you want, but it
is a probability, and you can plug it into the entropy definition.
John Kelsey wrote:
No, this isn't
Pithy wit and wisdom from New Zealand. lol.
_Vin
-Original Message-
From: Peter Gutmann [EMAIL PROTECTED]
Sent: Thursday, 23 March 2006 12:41 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: [Cfrg] Defining inter operable ECC keys in for IETF protocols
Blumenthal, Uri [EMAIL
This is getting pretty far afield from cryptography but it is a topic
I find very interesting so I can't resist jumping in.
John Denker writes:
OK, in a moment we will have gone through four plies of no-it-isn't
yes-it-is no-it-isn't yes-it-is. Let's get serious. The axiomatic
definition of
18 matches
Mail list logo