[145827] in cryptography@c2.net mail archive
Re: Randomness, Quantum Mechanics - and Cryptography
daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Wed Sep 8 11:00:11 2010
Date: Wed, 8 Sep 2010 10:58:56 -0400
From: "Perry E. Metzger" <perry@piermont.com>
To: Jerry Leichter <leichter@lrw.com>
Cc: John Denker <jsd@av8n.com>, "cryptography@metzdowd.com List" <cryptography@metzdowd.com>
In-Reply-To: <02AB3723-D446-49A2-A719-90CA9E806C67@lrw.com>
On Tue, 7 Sep 2010 22:22:57 -0400 Jerry Leichter <leichter@lrw.com>
wrote:
> On Sep 6, 2010, at 10:49 PM, John Denker wrote:
> > It's easy to pin down. If it's unpredictable to the attacker,
> > it's unpredictable enough for all practical purposes.
> I was talking about mathematical, even philosophical, underpinnings
> - not "practical purposes".
>
> In any case, even if you are concerned with practice, the
> statement that something is "unpredictable to the attacker" sounds
> suspect. After all, most junk cryptographic arguments claim that
> some algorithm is "not reversible by the attacker". One should
> really expect more.
Actually, I've seen a significant number of proofs in the crypto world
that amount to "show that the attacker cannot distinguish these bits
from a set of random bits with probability better than uninformed
guessing".
It appears to be reasonable to think that if the attacker cannot
distinguish a stream from a "true" random stream, or cannot predict
the next bit with better probability than chance, the attacker has no
handle on which to base an attack. I would invite people who are
more versed in this topic to chime in.
Perry
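Perry's phrase "cannot predict the next bit with better probability than chance" has a concrete, measurable form: hand an adversary the bits seen so far, let it guess the next one, and record how far its hit rate sits above the 1/2 a coin flip achieves. The block below is an added illustration, not code from this thread or from any of its authors. The 16-bit LFSR and its taps, the seed 0xACE1, the constant demo key and the stream length are all constructed for the example. It runs one predictor against a toy generator that is predictable by design and against a SHA-256 counter-mode stream standing in for a generator the attacker should have no handle on.

```python
import hashlib

# Constructed example: a "next-bit predictor" used as a distinguisher.
# A predictor sees bits[0:t] and guesses bits[t]. Its advantage is its hit
# rate minus 1/2. Positions where it abstains (returns None) are scored as a
# coin flip (credit 0.5), so abstaining neither inflates nor deflates the score.

LFSR_LEN = 16
LFSR_TAPS = (0, 2, 3, 5)   # recurrence: b[t+16] = b[t] ^ b[t+2] ^ b[t+3] ^ b[t+5]


def lfsr_bits(seed: int, n: int) -> list[int]:
    """Deliberately weak generator (toy, constructed here): a 16-bit Fibonacci LFSR.
    Each output bit is a fixed linear function of the previous 16, so anyone who
    knows the algorithm (Kerckhoffs) can predict the rest after 16 observed bits."""
    state = [(seed >> i) & 1 for i in range(LFSR_LEN)]
    if not any(state):
        raise ValueError("LFSR seed must be nonzero")
    out = []
    for _ in range(n):
        out.append(state[0])
        new = 0
        for tap in LFSR_TAPS:
            new ^= state[tap]
        state = state[1:] + [new]
    return out


def hash_counter_bits(key: bytes, n: int) -> list[int]:
    """Stand-in for a stream the attacker should not be able to predict:
    SHA-256 over (key || counter). The key is a constructed constant so the run
    is reproducible; a real generator derives it from a secret, high-entropy seed."""
    out = []
    counter = 0
    while len(out) < n:
        block = hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        for byte in block:
            out.extend((byte >> i) & 1 for i in range(8))
        counter += 1
    return out[:n]


def linear_predictor(bits: list[int], t: int):
    """Adversary model: knows the LFSR recurrence but not the seed.
    May read bits[:t] only; abstains until 16 bits have been observed."""
    if t < LFSR_LEN:
        return None
    window = bits[t - LFSR_LEN:t]
    bit = 0
    for tap in LFSR_TAPS:
        bit ^= window[tap]
    return bit


def next_bit_advantage(predictor, bits: list[int]) -> float:
    """Empirical advantage of `predictor` on `bits`: hit rate minus 1/2.
    Near 0 means no handle on the stream; near 1/2 means it is always right."""
    if not bits:
        raise ValueError("need at least one bit")
    credit = 0.0
    for t, actual in enumerate(bits):
        guess = predictor(bits, t)
        if guess is None:
            credit += 0.5            # scored as a coin flip
        elif guess == actual:
            credit += 1.0
    return credit / len(bits) - 0.5


if __name__ == "__main__":
    N = 20_000
    weak = lfsr_bits(0xACE1, N)                              # constructed seed
    strong = hash_counter_bits(b"constructed-demo-key", N)  # constructed key
    print(f"LFSR stream:        advantage = {next_bit_advantage(linear_predictor, weak):+.4f}")
    print(f"SHA-256 CTR stream: advantage = {next_bit_advantage(linear_predictor, strong):+.4f}")
```

On the LFSR stream the advantage is essentially 1/2 (every bit after the sixteenth is predicted exactly); on the hash stream it sits within sampling noise of zero, which is the "no handle" condition described above. The caveat a practitioner should keep in mind is the direction of the inference: an advantage near 1/2 proves the generator is broken, but an advantage near zero only rules out this one predictor. The proofs Perry refers to bound the advantage of every efficient adversary at once, which no finite battery of empirical tests can do.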
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com