On Feb 18, 2006, at 5:42 PM, Stephen A. Lawrence wrote:

> Horace Heffner wrote:
>> UPDATE - FEBRUARY 16, 2006 An arbitrarily close approximation to
>> an hysteresis free circuit (a circuit producing bits with
>> information entropy approaching 1) can be obtained by XORing the
>> outputs from multiple independent circuits having hysteresis.
>> The XORing can be achieved using simple clocked digital logic.
>> Suppose a circuit is being used that is very fast, but exhibits a
>> hysteresis of about 1 percent. That is to say the probability of
>> a 1 is 0.495 percent, and the probability of a 0 is 0.505
>> percent. By XORing the output of the two independent circuits,
>> the probability of a 0 drops to 0.495^2 + 0.505^2 = .5005. By
>> XORing the output of four independent circuits, the probability
>> of a 0 drops to 0.4995^2 + 0.5005^2 = .5000005. By XORing the
>> output of eight independent circuits, the probability of a 0
>> drops to 0.4999995^2 + 0.5000005^2 = .5000000000005. The
>> hysteresis is removed to less than 1 part in 10^12.
>
> That is really cool. Is it original? If so it's surely worth a
> patent!

Well, if so, I'll gladly sell any rights to it for $1 to anyone who
wants to patent it. I seriously doubt the originality, though I did
just write this off the top of my head with calculator busy in hand -
as usual with most things I wrote to vortex.

>> This method has the advantage over the Von Neumann whitening
>> method (see: http://en.wikipedia.org/wiki/One_time_pad
>
> Are high-tech one-time-pads of any use? It seems like you need to
> securely send a key the same length as the message to use it. But
> if you can do that you can securely send the message itself (it's
> the same length) so what did you need to encrypt it for?

One time pads can be useful because they can be prepared in advance
of the need to send a message. Ships or airplanes, for example, can
carry one time pads on missions.

> The original physical one-time-pads used a centrally generated key
> (printed on the pad) which was carried with the spy to whatever
> destination. The spy knew whether he'd been caught (obviously) and
> knew whether he still had the pad with him (obviously) and so could
> know whether the pad's integrity had been compromised. Thus, in
> effect, the "channel" from headquarters to the field office was
> known to be "secure". So, since a copy of the pad was kept back at
> HQ, he could then send the encrypted message, _without_ the
> accompanying key, in perfect security, the only hazard being that
> he had to destroy the clear-text original _and_ his copy of the key
> in some secure fashion (cigarette lighter and hotel ashtray, for
> instance).

There are much better ways to use one time pads.

> When you move into the electronic world, though, you're presumably
> talking about generating the key on the spot, at the point where
> the encryption takes place.

Not necessarily.

> But that's useless! You only need to encrypt the message if the
> channel isn't secure, but in that case you can't send the key!
> Again, it seems like the _only_ way a one-time-pad can be useful is
> in the unusual case where there is a secure _one_ _way_ channel,
> and you need to transfer information the _other_ _way_. In that
> unique case the key can be originated at one end and a copy of the
> key sent securely, and the encrypted data can then be returned
> insecurely.

One use for on-the-spot one time pads is to fill in voids in
communication channels. In that way signal analysis can not be
used. Sometimes just knowing the communication volume on a channel
is very useful. However, if vast quantities of filler one time pad
are shipped, it is then possible for prearranged algorithms to be
used to select and transform portions of that huge mass of seemingly
useless data to arrive at a useful pad. A one time pad can then be
used to exchange the small amount of transform information.

However, my interest in this primarily relates to the EGG project. I
have to wonder if a good whitening algorithm is used whether the
effect will still be observed. Beyond that, I have to wonder even if
a whitening algorithm suppresses the effect - so what? That's what
it is supposed to do! It is the underlying quantum mechanics that
are really in question, so suppressing that signal may just be
foolish. OTOH, if the random number generators are not random, there
is no surprise anomalies do occur. This is a tough problem.

I think the place where the idea has real and immediate usefulness is
in cases where true random number generators are already in use. One
such place might be video poker and other gambling machines, and also
Monte Carlo simulations. Bias in such machines could prove costly.
The advantage to the method lies in the fact that no hardware changes
are necessary if a hardware RNG is in place already. It is then
merely a matter of generating and XORing pads. The problem is a
slowing of the pad generation rate for that approach, but that is no
problem at all for gambling machines.

It may be of interest that processors are sold with two fast hardware
RNGs built into the processor (and thus they are "free"). See:
http://www.mini-box.com/s.nl/sc.8/category.99/it.A/id.432/.f

Horace Heffner
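
The XOR debiasing discussed in this thread, worked through as an added example (not code from either poster): `xor_bias` gives the exact residual bias of the XOR of independent bits via the piling-up lemma, and `demo` shows on constructed streams what happens when the independence assumption fails. The function names, the simulated P(1) = 0.4 source and the 50% correlation model are assumptions chosen so the effect is visible in a short run.

```python
import random
from fractions import Fraction

def xor_bias(biases):
    """Exact bias (P(0) - 1/2) of the XOR of independent bits (piling-up lemma)."""
    prod = Fraction(1)
    for eps in biases:
        prod *= 2 * Fraction(eps)      # accepts Fraction, int or decimal string
    return prod / 2

def biased_bits(p_one, n, rng):
    """Constructed stand-in for one hardware source: n bits with P(1) = p_one."""
    return [int(rng.random() < p_one) for _ in range(n)]

def xor_fold(streams):
    """XOR the streams together, bit position by bit position."""
    return [sum(col) & 1 for col in zip(*streams)]

def measured_bias(bits):
    """Empirical P(0) - 1/2 of a bit list."""
    return bits.count(0) / len(bits) - 0.5

def correlated_copy(bits, p_one, share, rng):
    """Second source that repeats the first source's bit with probability `share`,
    and otherwise emits a fresh biased bit (hypothetical correlation model)."""
    return [b if rng.random() < share else int(rng.random() < p_one) for b in bits]

def demo(n=200_000, p_one=0.4, seed=1):
    """Compare one source, XOR of two independent sources, XOR of two correlated ones."""
    rng = random.Random(seed)
    a, b = biased_bits(p_one, n, rng), biased_bits(p_one, n, rng)
    c = correlated_copy(a, p_one, 0.5, rng)
    return {
        "single": measured_bias(a),
        "xor_independent": measured_bias(xor_fold([a, b])),
        "xor_correlated": measured_bias(xor_fold([a, c])),
    }

if __name__ == "__main__":
    # Source with P(0) = 0.505 and P(1) = 0.495, i.e. bias 0.005
    for k in (1, 2, 4, 8):
        print(k, "sources: P(0) - 1/2 =", float(xor_bias(["0.005"] * k)))
    print(demo())
```

For a source with P(0) = 0.505 the exact residual bias is 5e-5 with two independent sources, 5e-9 with four and 5e-17 with eight. In the correlated run the XOR output is more biased than a single source, which is why the independence of the circuits has to be established before relying on the method.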