Re: [Hampshire] OpenSSL in Debian is broken

Góra strony
Autor: Hugo Mills
Data:  
Dla: p_alefounder, Hampshire LUG Discussion List
CC: 
Temat: Re: [Hampshire] OpenSSL in Debian is broken

Reply to this message
gpg: failed to create temporary file '/var/lib/lurker/.#lk0x57503100.hantslug.org.uk.2727': Permission denied
gpg: keyblock resource '/var/lib/lurker/pubring.gpg': Permission denied
gpg: Signature made Fri May 16 14:24:34 2008 BST
gpg: using DSA key 20ACB3BE515C238D
gpg: Can't check signature: No public key
On Fri, May 16, 2008 at 11:25:38AM +0000, Peter Alefounder wrote:
> Hugo Mills <hugo@???> wrote:
> >    Not wrong, possibly, but not helpful in practice. If I gave you a
> > list of 100,000 numbers, could you use that definition to show that it
> > was a stream of random numbers?

>
> Even if you could not show that the numbers were random (whatever
> that might mean to a mathematician), if it was impossible to
> predict the sequence, wouldn't that be good enough for practical
> cryptographic applications? Chris Oattes' definition seems to me
> to be sufficient. Could a non-random but non-predictable (with
> probability > 1/10 per decimal digit) sequence exist?


Yes -- they're called cryptographically strong pseudo-random number
sequences. :)

The important thing in the generation of PRNs is hiding the
internal state of the generator. All PRNGs maintain an internal state
array which contains the information necessary to generate the next
number in the sequence. If you have that state (and the algorithm
being used), then you can follow the sequence perfectly. The trick is
in designing the algorithm so that it is computationally infeasible to
determine that state array from looking at the output values alone --
regardless of the quantity of output values you have.

Hugo.

-- 
=== Hugo Mills: hugo@... carfax.org.uk | darksatanic.net | lug.org.uk ===
  PGP key: 515C238D from wwwkeys.eu.pgp.net or http://www.carfax.org.uk
         --- 2 + 2 = 5,  for sufficiently large values of 2. ---