Philip Stubbs <philip@???> wrote:
> This got me thinking. The problem is not just
> whether the next digit can be predicted, but if
> there can be any long term cycles that could
> start to show.
From Steven Bellovin's post in the thread I
mentioned:
http://www.mail-archive.com/cryptography@metzdowd.com/msg05486.html
"...you just cannot tell if a single number is
'random'. At best, you can look at a large
selection of numbers and see if they fit
certain randomness tests."
"...numbers that are 'random enough' for
statistical purposes are not necessarily good
enough for cryptographic purposes. As several
people have pointed out already, there are
processes involving cryptographic algorithms
that produce very 'random' sequences, but are
in fact deterministic to someone who knows a
secret."
> In the end, I expect that what is considered
> 'random enough' will be used, and that
> definition will evolve as computing power
> expands.
....
> How you determine that value is another question
> :-)
That's what the min-entropy concept is for:
http://www.mail-archive.com/cryptography@metzdowd.com/msg05929.html
"The nice thing about min-entropy in the PRNG
world is that it leads to a really clean
relationship between how many bits of entropy
we need to seed the PRNG, and how many bits of
security (in terms of resistance to brute
force guessing attack) we can get."
Nick.
--
Nick Chalk ................. once a Radio Designer
Confidence is failing to understand the problem.
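
The min-entropy relationship quoted at the end of the message, as an added example that is not part of the original post: it compares Shannon entropy with min-entropy for two seed distributions and shows that the attacker's best first guess succeeds with probability 2^-(min-entropy). The two distributions and all function names are constructed for illustration.

```python
import math

def shannon_entropy(probs):
    """Average-case entropy in bits: sum of p * log2(1/p)."""
    return sum(p * math.log2(1.0 / p) for p in probs if p > 0)

def min_entropy(probs):
    """Worst-case entropy in bits: -log2 of the most likely outcome."""
    return -math.log2(max(probs))

def guess_success(probs, guesses):
    """Chance of hitting the seed within `guesses` tries,
    trying the most likely values first (optimal brute force)."""
    return sum(sorted(probs, reverse=True)[:guesses])

# Constructed seed sources, each with 2**16 possible seed values.
N = 2 ** 16
# Every seed equally likely.
UNIFORM = [1.0 / N] * N
# One seed (say, a stuck or default value) turns up half the time;
# the other half of the probability is spread evenly over the rest.
SKEWED = [0.5] + [0.5 / (N - 1)] * (N - 1)

def report(name, probs):
    h_sh = shannon_entropy(probs)
    h_min = min_entropy(probs)
    print(f"{name:8s} Shannon={h_sh:6.2f} bits  min-entropy={h_min:5.2f} bits  "
          f"first guess succeeds with p={guess_success(probs, 1):.6f}")
    return h_sh, h_min

if __name__ == "__main__":
    report("uniform", UNIFORM)
    report("skewed", SKEWED)
    # For any source, g guesses succeed with probability at most
    # g * 2**-min_entropy; that bound is what ties seed min-entropy
    # to bits of resistance against brute-force guessing.
    for g in (1, 16, 256):
        bound = g * 2 ** -min_entropy(SKEWED)
        print(f"skewed, {g:3d} guesses: p={guess_success(SKEWED, g):.4f} "
              f"(bound {min(bound, 1.0):.4f})")
```

The skewed source scores about 9 bits of Shannon entropy but only 1 bit of min-entropy, so a PRNG seeded from it offers 1 bit of resistance to guessing, not 9.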