[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Random Number Testing



At 01:34 3/29/96, Deranged Mutant wrote:

>> -     Is this apparent entropy really *unpredictable* (the most useful
>>       definition of "random" for cryptographic purposes)?
>
>Good question. You'd need to look for patterns.  Barring none, you'd
>have to guess the factors that lead to the entropy, and then see if
>there's a way to reverse-engineer it. (Perhaps use a stripped down
>system and build it up, or disable some of the hardware and OS
>features etc.)

There's more to unpredictability than patterns or their absense.  In
addition, you have to look at the ability of anyone else on the same
machine to learn things about the data you're gathering and subtract the
entropy of that commonly available data.

+--------------------------------------------------------------------------+
|Carl M. Ellison          [email protected]   http://www.clark.net/pub/cme |
|CyberCash, Inc., Suite 430                   http://www.cybercash.com/    |
|2100 Reston Parkway           PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Reston, VA 22091      Tel: (703) 620-4200                                 |
+--------------------------------------------------------------------------+