Re: Good enough for crypto?

From: Scott Wilber (swilber_at_comscire.com)
Date: 12/10/03

• Next message: David Wagner: "Re: Voice encryption (Stream vs CBC mode)"
• Previous message: Mario Fischer: "Remarks: Re: MIX-Network Playback attack"
• In reply to: Tom St Denis: "Re: Good enough for crypto?"
• Next in thread: Tom St Denis: "Re: Good enough for crypto?"
• Reply: Tom St Denis: "Re: Good enough for crypto?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: 9 Dec 2003 15:21:35 -0800

"Tom St Denis" <tomstdenis@iahu.ca> wrote in message news:<yqpBb.23165$r%u1.4443@twister01.bloor.is.net.cable.rogers.com>...
> "R3769" <r3769@aol.com> wrote in message
> news:20031209134709.08176.00000520@mb-m16.aol.com...
> > MKS wrote:
> >
> > > So how is one to be convinced that your
> > >package leads to better decision on the quality of
> > >sequences being tested than the other well-known
> > >packages?

Try testing a 10Mbit file with the NIST tests.

> > However, the claim that most of the generators that pass Diehard fail the
> > Comscire tests would be much more meaningful if only files of equal sizes
> where
> > tested. How many datasets of 11mb are there that pass Diehard and yet
> fail
> > RNGmeter? Has even one been exhibited? I call this the "Lizard" test for
> > randomness testers.
>
> If the dude wants to make sales he should back it up. E.g. if a PRNG fails
> his test that means his test can predict the outputs with a non-uniform
> probability [since afterall that's all you really need for "randomness"].
>
> Show a PRNG which fails then show how to use that to recover the output.
>
> Tom

The RNGmeter is simply a tool for comparing the statistical quality of
various generators, partly as an aid to designing better ones. I
don't believe we have claimed anything else, except that it is a good
tool. Also, you may note that the RNGmeter is free.

If it could automatically use a failure in statistics to "recover the
output," then I think the US government would not allow it to be given
away on the internet.

Scott

---

• Next message: David Wagner: "Re: Voice encryption (Stream vs CBC mode)"
• Previous message: Mario Fischer: "Remarks: Re: MIX-Network Playback attack"
• In reply to: Tom St Denis: "Re: Good enough for crypto?"
• Next in thread: Tom St Denis: "Re: Good enough for crypto?"
• Reply: Tom St Denis: "Re: Good enough for crypto?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: What is the problem with my HD with Win 2k? ... That depends on how it fails. ... If the BIOS does not mount the partitions as ... detected by the BIOS at startup, there will be no easy way to recover the ... (microsoft.public.win2000.hardware) Re: HOw to decrypt a word doc ... that dropdown, including, as a last resort, "Recover text from any file." ... If all else fails, try the 'Recover text from any document' ... "Yasser Shahzad Qureshi" <Yasser Shahzad ... (microsoft.public.word.docmanagement) Re: Portable hard drives your take? ... not recover your data. ... fails and floods your house, the manufacturer probably will send you a new valve but will not pay to install it or compensate you for the damage to your property. ... (comp.sys.ibm.pc.hardware.storage) Re: [PATCH 2.6.19 5/5] fs: freeze_bdev with semaphore not mutex ... and the subsequent resume fails, ... Well, but this is equivalent to a power failure immediately after the sync, so ... there _must_ be a way to recover the filesystem from that, ... (Linux-Kernel)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(16)