True Random Number Generator
in [Cryptography]
|
From: jmorton123 on 13 Feb 2010 22:05 I'm glad to see we are now on solid ground in this discussion I have just finished the basic software of my random binary number generator. I expect to post the description here tomorrow in a new post and make the freeware available on my website at that time: kingkonglomerate.com Some of the freeware I have made availabe have just been educational tools for the newbies but some of the other freeware programs have been preliminary steps towards this Random Binary Number Generator. I look forward to your comments on the effectiveness of this program as it will be described. I will post some tutorial videos in the next couple of weeks as well. JM On Feb 8, 11:09 am, g...(a)nope.ucsd.edu (Greg Rose) wrote: > In article <outer-8C04BE.12064208022...(a)news.ssl.Ngroups.NET>, > Richard Outerbridge <ou...(a)interlog.com> wrote: > > > > > > >In article > ><f1471543-c3e8-40b5-856f-9b933b6b7...(a)j31g2000yqa.googlegroups.com>, > > bmearns <mearn...(a)gmail.com> wrote: > > >> On Jan 31, 6:18 pm, jmorton123 <jmorton...(a)rock.com> wrote: > >> [snip] > >> > It's all about the "random" numbers. If no one can reproduce the > >> > "random" numbers then no one can decrypt the encrypted message, > >> > regardless of where those "random" numbers came from or how they were > >> > produced. > >> [snip] > > >> While I can't claim to be any kind of expert in this field, I don't > >> believe you're correct in this conclusion. Preventing someone from > >> exactly recreating your pseudorandom sequence is of course very > >> important, but that's not the only vector of attack. You need to be > >> careful to ensure that there are no patterns or biases in your > >> sequence, either. You might have a stream of bits in which the > >> distance between 1's is perfectly random, but if it's 90% 0's, that's > >> not a very secure sequence. That's an extreme example, of course, but > >> more subtle patterns and biases could be devastating to someone > >> relying on this for security. > > >For cryptographic purposes, does it not suffice that the entropy of the > >keystream be greater than the redundancy of the plaintext? It need not > >be perfectly random - just sufficiently random. > > To use my favourite quote: "In theory there's no > difference between theory and practice, but in > practice, there is." -- Yogi Berra. > > Theoretically you're right, but it's very > dangerous. In a real cryptosystem, you have to > assume multiple messages, and while the individual > messages might be highly compressed or have high > entropy, you are much less certain about the > entropy rate of multiple messages. Perhaps one of > the recipients modified or quoted the content and > sent it out again. Correlation between the two > messages would show this (see the Venona > intercepts) and then the total entropy of the two > messages might well fall below what is necessary > for security. > > Greg. > > -- > Greg Rose > 232B EC8F 44C6 C853 D68F E107 E6BF CD2F 1081 A37C- Hide quoted text - > > - Show quoted text - |