On Thu, 25 Apr 2002, Ken Brown wrote:
> "Trei, Peter" wrote:
>
> [...]
>
> > >Exactly what is the Choatian definition of a PRNG which requires
> > >it to repeat, anyway?
>
> Possibly confusion between 2 common English meanings of "repeat".
>
> (1) repeatable, so if someone else runs the same
On Thu, 25 Apr 2002, Trei, Peter wrote:
> My point, I hope it is clear, was to prove that there are deterministic
> algorithms which do not repeat.
There are, AND they are continuous and -not- based on NOT-AND-OR. I
-never- said there were not deterministic algorithms but then again those
algori
<[EMAIL PROTECTED]>
> Subject: Re: Two ideas for random number generation
> Date: Wed, 24 Apr 2002 08:44:41 -0600
>
> Bob,
>
> Tim's examples are unnecessarily complicated.
>
> The logistic function f(x) = Ax(1-x) maps the interval [0,1] into itself for
> A in t
On Wed, 24 Apr 2002 [EMAIL PROTECTED] wrote:
> That is, to get the infinite cycle, you'd have to have some method of
> generating a uniform random integer 0 to infinity for the
> initial state, and you'd need an infinite amount of memory
> to store the current internal state. Neither of which
On Wed, 24 Apr 2002, David Howe wrote:
> > No it isn't. You -want- a RNG but you can't have one. Nobody
> > -wants- a PRNG, they -settle- for it.
> I think there is some confusion here - if you are using a PRNG as a stream
> cypher, the last thing in the world you want is for it to be truly ran
Title: RE: Re: disk encryption modes (Re: RE: Two ideas for random number generation)
- Original Message -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Saturday, April 27, 2002 12:11 PM
Subject: CDR: RE: Re: disk encryption modes (Re: RE: Two ideas for
Instead of adding 16 bytes to the size of each sector for sector IV's how about having a separate file (which could be stored on a compact flash card, CDRW or other portable media) that contains the IV&
- Original Message -
From: "Adam Back" <[EMAIL PROTECTED]>
> Joseph Ashwood wrote:
> > Actually I was referring to changing the data portion of the block
> > from {data} to {IV, data}
>
> Yes I gathered, but this what I was referring to when I said not
> possible. The OSes have 512Kbytes
Joseph Ashwood wrote:
> Adam Back Wrote:
> > > This becomes completely redoable (or if you're willing to sacrifice
> > > a small portion of each block you can even explicitly store the IV.
> >
> > That's typically not practical, not possible, or anyway very
> > undesirable for performance (two dis
- Original Message -
From: "Adam Back" <[EMAIL PROTECTED]>
> On Fri, Apr 26, 2002 at 11:48:11AM -0700, Joseph Ashwood wrote:
> > From: "Bill Stewart" <[EMAIL PROTECTED]>
> > > I've been thinking about a somewhat different but related problem lately,
> > > which is encrypted disk drives.
Right, it sounds like the same approach I alluded to, except I didn't
use a salt -- I just used a fast pseudo-random number generator to
make the IV less structured than using the block number directly.
I did some experiments with a used disk and found that if you use the
block number directly f
> You could encrypt twice (CBC in each direction or something), but that
> will again slow you down by a factor of 2.
You can't easily get away with storing the IV as multiple parts of the IO
pipe like to see blocks in 2^n form.
The approach I take in Rubberhose is to calculate the IV from a
ve
On Fri, Apr 26, 2002 at 11:48:11AM -0700, Joseph Ashwood wrote:
> From: "Bill Stewart" <[EMAIL PROTECTED]>
> > I've been thinking about a somewhat different but related problem lately,
> > which is encrypted disk drives. You could encrypt each block of the disk
> > with a block cypher using the s
- Original Message -
From: "Bill Stewart" <[EMAIL PROTECTED]>
> I've been thinking about a somewhat different but related problem lately,
> which is encrypted disk drives. You could encrypt each block of the disk
> with a block cypher using the same key (presumably in CBC or some similar
"Trei, Peter" wrote:
[...]
> >Exactly what is the Choatian definition of a PRNG which requires
> >it to repeat, anyway?
Possibly confusion between 2 common English meanings of "repeat".
(1) repeatable, so if someone else runs the same algorithm on similar
hardware with the same initial conditi
On Thursday, April 25, 2002, at 07:45 AM, Major Variola (ret) wrote:
> At 09:42 AM 4/23/02 -0700, Tim May wrote:
>>
>> And even if the world were Newtonian, in a classical billiard ball
>> sense, with Planck's constant precisely equal to zero, predictability is
>> a chimera. Consider a game of
> Sandy Harris[SMTP:[EMAIL PROTECTED]]
>
> Jim Choate wrote:
>
> > > PRNG output is fixed/repeatable too - that is a property you *want*
> > > from a PRNG.
> >
> > No it isn't. You -want- a RNG but you can't have one. Nobody -wants- a
> > PRNG, they -settle- for it.
>
> That is nearly true
"Major Variola (ret)" wrote:
> There is a fascinating demo-photograph that shows reflections off
> 4 stacked steel balls is a classical fractal.
"Topology in chaotic scattering" - David Sweet, Edward Ott & James A. Yorke
http://www.nature.com/cgi-taf/DynaPage.taf?file=/nature/journal/v399/n6734
<[EMAIL PROTECTED]> wrote:
> On 24 Apr 2002 at 17:41, David Howe wrote:
> > it's probably a better (if much slower) stream cypher than most currently in
> > use; I can't think of any that have larger than a 256 internal state, and
> > that implies a 2^256 step cycle at best; for pi to be worse, it
At 09:42 AM 4/23/02 -0700, Tim May wrote:
>
>And even if the world were Newtonian, in a classical billiard ball
>sense, with Planck's constant precisely equal to zero, predictability is
>a chimera. Consider a game of billiards, with perfectly spherical
>billiard balls, a perfectly flat table, etc.
On 24 Apr 2002 at 17:41, David Howe wrote:
> > Maybe for you, I sure as hell wouldn't use it either as a key or as a
> > seed into a known hashing/whiting algorithm.
> it's probably a better (if much slower) stream cypher than most currently in
> use; I can't think of any that have larger than a 2
I seem to be channeling mathematicians this morning...
Cheers,
RAH
--- begin forwarded text
Status: U
From: Somebody with a sheepskin...
To: "R. A. Hettinga" <[EMAIL PROTECTED]>
Subject: Re: Two ideas for random number generation
Date: Wed, 24 Apr 2002 08:44:41 -0600
Bob,
Optimizzin Al-gorithym <[EMAIL PROTECTED]> wrote:
> You can also use common guard structures to isolate the "HV" part of
> the chip, without dicking with the Delicate Recipes (process) which
> you Don't Want To Do And Probably Wouldn't Be Allowed To Anyway.
> Also helps keep digital switching nois
> No it isn't. You -want- a RNG but you can't have one. Nobody
> -wants- a PRNG, they -settle- for it.
I think there is some confusion here - if you are using a PRNG as a stream
cypher, the last thing in the world you want is for it to be truly random -
you need to sync up two prngs in order to d
At 11:55 AM 4/24/02 +0300, Sampo Syreeni wrote:
>On Tue, 23 Apr 2002, Riad S. Wahby wrote:
>
>>This may take more voltage than you want to use in your process, but you
>>can engineer the base-emitter junction if you've got a friend in process
>>engineering.
You can also use common guard structure
On Tue, 23 Apr 2002 [EMAIL PROTECTED] wrote:
> --
> Jim Choate wrote:
> > > > If you can't develop a RNG in software (ie you'd be in a
> > > > state of sin), what makes you think you can do it using
> > > > -only- digital gates in hardware? You can't.
>
> James A. Donald:
> > > Classic Choa
Tim May wrote:
>
> On Monday, April 22, 2002, at 11:23 PM, Joseph Ashwood wrote:
> >
> > From: <[EMAIL PROTECTED]>
> >> If a RNG runs off Johnson noise, then the ability to predict its
> >> output would imply the ability to violate the second law of
> >> thermodynamics. If it runs off shot nois
Jim Choate wrote:
> > PRNG output is fixed/repeatable too - that is a property you *want* from a
> > PRNG.
>
> No it isn't. You -want- a RNG but you can't have one. Nobody -wants- a
> PRNG, they -settle- for it.
That is nearly true for crypto applications, but it certainly isn't for
some other
Sampo Syreeni <[EMAIL PROTECTED]> wrote:
> Aren't there dedicated avalanche diodes available with low breakdown
> voltages, precisely for this reason? I think they're used in applications
> where zeners could be, except for higher breakdown current.
Sure. I was thinking of an IC design, in which
On Wed, 24 Apr 2002, David Howe wrote:
> "Jim Choate" <[EMAIL PROTECTED]> wrote:
> > But that changes the game in the middle of play, the sequence of digits
> > in pi is fixed, not random. You can't get a random number from a constant.
> > Otherwise it wouldn't be a constant.
> PRNG output is f
"Jim Choate" <[EMAIL PROTECTED]> wrote:
> But that changes the game in the middle of play, the sequence of digits
> in pi is fixed, not random. You can't get a random number from a constant.
> Otherwise it wouldn't be a constant.
PRNG output is fixed/repeatable too - that is a property you *want*
On Tue, 23 Apr 2002, Riad S. Wahby wrote:
>This may take more voltage than you want to use in your process, but you
>can engineer the base-emitter junction if you've got a friend in process
>engineering.
Aren't there dedicated avalanche diodes available with low breakdown
voltages, precisely for
On Tue, 23 Apr 2002, Riad S. Wahby wrote:
> Another nice way to get an RNG is Avalanche breakdown.
I like using radiation on diodes myself. Reverse bias them and then
amplify the noise. Use a Schmitt Trigger. Use one for each bit.
On Tue, 23 Apr 2002 [EMAIL PROTECTED] wrote:
> One can build a true random generator using a two resistors, a
A resistor isn't a Boolean gate.
Go back to sleep.
I'm still working on your Chomsky page. I don't think you'll be happy.
On Tue, 23 Apr 2002, Alan Braggins wrote:
> > > Actually you left something out, the PRNG by definition must have a
> > > modulus of repetition. At some point it starts the sequence over.
> > >
> > As usual, Jim is wrong. There are deterministic systems which never
> > repeat. For example, there
On Tue, 23 Apr 2002, Trei, Peter wrote:
> Exactly what is the Choatian definition of a PRNG which requires
> it to repeat, anyway?
Wrong question, the -right- question is...
What is -random-?
It means unpredictable; this means unrepeatable. If it repeats then it
-must- be predictable; that m
On Tue, 23 Apr 2002, Trei, Peter wrote:
> As usual, Jim is wrong. There are deterministic systems which never
> repeat. For example, there is an algorithm which will give you the
> nth digit of pi.
Ok. The distribution of a single digit is -not- the same as pi itself...
> If I use this as my P
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Tim wrote:
>The modern name for this outlook is "chaos theory," but I believe
>"chaos" gives almost mystical associations to something which is really
>quite understandable: divergences in decimal expansions.
>Discrepancies come marching in, fairl
gfgs pedo <[EMAIL PROTECTED]> wrote:
> why exactly is avalanche break down a good RNG?
> Thank u.
Avalanche noise is just about as good as Johnson / Johnson-Nyquist /
thermal noise (all names for the same phenomenon) for collecting
entropy. The spectral density is flat, but the amplitude distri
Tim May wrote:
> Bohm's "hidden variables" model is generally discredited (some would
> say "disproved"). Alternatives to the Copenhagen Interpretation, notably
> EWG/"many worlds," Hartle's "consistent histories," and Cramer's
> transactional model, are still not deterministic, in that the worl
On Monday, April 22, 2002, at 11:23 PM, Joseph Ashwood wrote:
>
> From: <[EMAIL PROTECTED]>
>> If a RNG runs off Johnson noise, then the ability to predict its
>> output would imply the ability to violate the second law of
>> thermodynamics. If it runs off shot noise, then the ability to
>> pred
"Trei, Peter" <[EMAIL PROTECTED]> wrote:
> You can build analog devices out of silicon, and get Johnson noise
> from resistors or diodes. You can also build radiation detectors in
> silicon, though in the absence of a supplied radiation source your
> data rate will be low
Another nice way to get
--
Jim Choate wrote:
> > > If you can't develop a RNG in software (ie you'd be in a
> > > state of sin), what makes you think you can do it using
> > > -only- digital gates in hardware? You can't.
James A. Donald:
> > Classic Choatian physics.
> >
> > Of course you can.
Jim Choate:
> Not if
--
Joseph Ashwood
> > > Because with a pRNG we can sometimes prove very important
> > > things, while with a RNG we can prove very little (we can't
> > > even prove that entropy actually exists, let alone that we
> > > can collect it).
James A. Donald:
> > Don't be silly. Of course we kno
> > Actually you left something out, the PRNG by definition must have a
> > modulus of repetition. At some point it starts the sequence over.
> >
> As usual, Jim is wrong. There are deterministic systems which never
> repeat. For example, there is an algorithm which will give you the
> nth digit o
> Jim Choate[SMTP:[EMAIL PROTECTED]]
>
> On Mon, 22 Apr 2002, Trei, Peter wrote:
>
> > The defining difference between the two is that if you know the
> > algorithm and seed, the output of a PRNG can be reproduced,
> > at a different time, place, or both. There are circumstances in
> > wh
On Mon, 22 Apr 2002 [EMAIL PROTECTED] wrote:
> --
> On 22 Apr 2002 at 17:38, Jim Choate wrote:
> > If you can't develop a RNG in software (ie you'd be in a state
> > of sin), what makes you think you can do it using -only- digital
> > gates in hardware? You can't.
>
> Classic Choatian physi
On Mon, 22 Apr 2002, Trei, Peter wrote:
> The defining difference between the two is that if you know the
> algorithm and seed, the output of a PRNG can be reproduced,
> at a different time, place, or both. There are circumstances in
> which this is very much a desired quality.
Actually you le
hi,
I get the point. Thanx for all the replies.
regards Data.
--- Joseph Ashwood <[EMAIL PROTECTED]> wrote:
>
> - Original Message -
> From: "gfgs pedo" <[EMAIL PROTECTED]>
>
> > > > Oh surely you can do better than that - making
> it
> > > hard to guess the seed
> > > > is also clearl
- Original Message -
From: "gfgs pedo" <[EMAIL PROTECTED]>
> > > Oh surely you can do better than that - making it
> > hard to guess the seed
> > > is also clearly a desirable property (and one that
> > the square root "rng"
> > > does not have).
> U can choose any arbitrary seed(greater
- Original Message -
From: "Eugen Leitl" <[EMAIL PROTECTED]>
> On Mon, 22 Apr 2002, Tim May wrote:
>
> > What real-life examples can you name where Gbit rates of random digits
> > are actually needed?
>
> Multimedia streams, routers. If I want to secure a near-future 10 GBit
> Ethernet st
On Mon, 22 Apr 2002, Trei, Peter wrote:
> So my suggestion is that while hardware acceleration of PRNGs may have
> some usefulness, true RNGs need not have the same performance. I'd
> rather see people work on making the true RNGs *trustworthy*, which is
> a much more difficult problem.
Out of c
Ben Laurie wrote:
>
> gfgs pedo wrote:
> >
> > hi,
> >
> > --- [EMAIL PROTECTED] wrote:
> > > On 22 Apr 2002 at 0:08, Ben Laurie wrote:
> >
> > > > Oh surely you can do better than that - making it
> > > hard to guess the seed
> > > > is also clearly a desirable property (and one that
> > > the s
> [EMAIL PROTECTED][SMTP:[EMAIL PROTECTED]] wrote:
>
> Why would one want to implement a PRNG in silicon, when one can
> easily implement a real RNG in silicon?
>
RNGs and PRNGs serve somewhat different purposes in current
cryptographic systems. Both are useful, but it's not clear to me
that th
gfgs pedo wrote:
>
> hi,
>
> --- [EMAIL PROTECTED] wrote:
> > On 22 Apr 2002 at 0:08, Ben Laurie wrote:
>
> > > Oh surely you can do better than that - making it
> > hard to guess the seed
> > > is also clearly a desirable property (and one that
> > the square root "rng"
> > > does not have).
>
hi,
--- [EMAIL PROTECTED] wrote:
> On 22 Apr 2002 at 0:08, Ben Laurie wrote:
> > Oh surely you can do better than that - making it
> hard to guess the seed
> > is also clearly a desirable property (and one that
> the square root "rng"
> > does not have).
U can choose any arbitrary seed(greate
On Mon, 22 Apr 2002, Tim May wrote:
> What real-life examples can you name where Gbit rates of random digits
> are actually needed?
Multimedia streams, routers. If I want to secure a near-future 10 GBit
Ethernet stream with a symmetric cypher for the duration of a few years
(periodic rekeying f
At 08:09 AM 4/22/02 +0200, Eugen Leitl wrote:
>> And if one is implementing a PRNG in software, it is trivial to
>> have lots of internal state (asymptotically approaching one-time
>> pad properties).
>
>Yes, but software is too slow to be able to handle >GBit data rates. It's
>inefficient use of
On Sunday, April 21, 2002, at 11:09 PM, Eugen Leitl wrote:
> On Sun, 21 Apr 2002 [EMAIL PROTECTED] wrote:
>
>> Why would one want to implement a PRNG in silicon, when one can
>> easily implement a real RNG in silicon?
>
> Both applications are orthogonal. PRNG != entropy.
>
>> And if one is impl
On Sun, 21 Apr 2002 [EMAIL PROTECTED] wrote:
> Why would one want to implement a PRNG in silicon, when one can
> easily implement a real RNG in silicon?
Both applications are orthogonal. PRNG != entropy.
> And if one is implementing a PRNG in software, it is trivial to
> have lots of interna
On Sunday, April 21, 2002, at 09:53 PM, Joseph Ashwood wrote:
> - Original Message -
> From: <[EMAIL PROTECTED]>
> To: "Tim May" <[EMAIL PROTECTED]>; "Eugen Leitl" <[EMAIL PROTECTED]>
> Cc: <[EMAIL PROTECTED]>
> Sent: Sunday,
- Original Message -
From: <[EMAIL PROTECTED]>
To: "Tim May" <[EMAIL PROTECTED]>; "Eugen Leitl" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Sunday, April 21, 2002 1:33 PM
Subject: CDR: Re: Two ideas for random number generation
> Wh
On 21 Apr 2002 at 10:00, Major Variola (ret) wrote:
> At 11:22 AM 4/21/02 +0200, Eugen Leitl wrote:
>
> >I disagree here somewhat. Cryptography ttbomk doesn't have means of
> >construction of provably strong PRNGs, especially scalable ones, and with
> >lots of internal state (asymptotically ap
At 11:22 AM 4/21/02 +0200, Eugen Leitl wrote:
>I disagree here somewhat. Cryptography ttbomk doesn't have means of
>construction of provably strong PRNGs, especially scalable ones, and with
>lots of internal state (asymptotically approaching one-time pad
>properties), and those which can be mappe
On Sat, 20 Apr 2002, Tim May wrote:
> As a meta-point, the world is not in short supply of lots of good RNGs,
> ranging from Johnson noise detectors to very strong Blum-Blum-Shub
> generators. The interesting stuff in crypto lies in other places.
I disagree here somewhat. Cryptography ttbomk d
On Saturday, April 20, 2002, at 01:51 PM, gfgs pedo wrote:
> hi,
>
> Here are two ideas which came up in my mind.
> Since I have done a few diagrams for illustration and
> thought that it will not be a good idea as
> attachment,I have put the ideas at the following url
> http://www.ircsuper.net/
gfgs pedo wrote:
>
> hi,
>
> Here are two ideas which came up in my mind.
> Since I have done a few diagrams for illustration and
> thought that it will not be a good idea as
> attachment,I have put the ideas at the following url
> http://www.ircsuper.net/~neo/
>
> I sincerely appreciate ur com
For the start, before deeper analysis, it would be a good idea to run Diehard
on the output, just to check for the obvious problems.
hi,
Here are two ideas which came up in my mind.
Since I have done a few diagrams for illustration and
thought that it will not be a good idea as
attachment,I have put the ideas at the following url
http://www.ircsuper.net/~neo/
I sincerely appreciate ur comments. Thank u for ur
time.
Regards Da
69 matches