[144604] in cryptography@c2.net mail archive
Re: work factor calculation for brute-forcing crypto
daemon@ATHENA.MIT.EDU (David Wagner)
Sun Jul 19 14:33:48 2009
From: David Wagner <daw@cs.berkeley.edu>
To: cryptography@metzdowd.com
Date: Fri, 17 Jul 2009 22:54:03 -0700 (PDT)
>Assume for a moment that we have a random number generator which is
>non-uniform, and we are using it to generate a key.
>
>What I'd like to do is characterize the work factor involved in
>brute-force search of the key space, assuming that the adversary
>has knowledge of the characteristics of the random number generator?
You may want to use the guessing entropy.
I've written about it before here:
http://www.cs.berkeley.edu/~daw/my-posts/entropy-measures
Christian Cachin's thesis is a wonderful introduction to entropy
measures, including the guessing entropy.
By the way, I'll make the obvious recommendation: Try to avoid
using a non-uniform random number generator to generate a cryptographic
key, if you can.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
