Re: SPES (my new encryption) one of its kind



Although a method like this may lead to objections being raised, however,
unless the hacker knows that you are now collecting data for randomness
he will not get the pages.

Hum, it seems that idea is quite popular, I was thinking of something
similar when posting on sci.crypt.random-numbers some years ago!
However it has some shortcomings: it's easy to track or tamper with, and it is not
viable when only a low speed connection, or no connection at all, is available.
Moreover the entire size of human data (not all accessible!) is
estimated to be in the order of magnitude of exabytes in size
(http://en.wikipedia.org/wiki/Exabyte); to give an idea of what that means,
16 exabytes are 8*2^64 bits, about in the order of 10^20 bits.
If you think of a 64 bit cipher or PRNG, the keyspace (long
considered obsolete) is sized 64 bits * 2^64 keys, that's 16 exabytes
too...
That doesn't mean a lot by itself: an exabyte of zeroes is not suitable
to be sampled for randomness, while instead you may find an exabyte of
pure random data.
However, that should point out that you should not rely on the quantity of
the data sampled, but rather on the method and on the quality of the
sample.
I.e. a mouse movement, provided it's not intercepted by malicious
programs, contains some bits of randomness; the entire wikipedia dump,
which the attacker may download as well if he only knows your sampling
method, will not bring a single bit of randomness, since the attacker
got it... If sampling the wikipedia dump is one out of two methods,
the attacker has a 50% chance of choosing the right method and recovering the
whole GB sized "randomness" pool, and so on (so the randomness is in
how the method choice is seeded; it's plainly moving the problem to
another level, and, being realistic, posing some technical issues to the
attacker... and many to the legitimate receiver too).
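As an added example (not code from the original post, and nothing to do with SPES itself), here is a small Python simulation of the argument above: a hypothetical generator derives its key by hashing a slice of a public corpus, and an attacker who has the same corpus and knows the list of candidate sampling methods simply enumerates them. The corpus, the method list, the toy counter-mode stream cipher and the "local secret" are all constructed for this example and are assumptions, not anything the thread describes; the hash is SHA-256 from the standard library.

```python
"""Sampling public data for randomness: the key is a deterministic function
of (public corpus, method choice), so its entropy is log2(#methods)."""
import hashlib
import math

# Constructed stand-in for a public corpus (think: a Wikipedia dump) that the
# attacker can download too. 128 KiB of fixed, reproducible bytes.
PUBLIC_CORPUS = b"".join(
    hashlib.sha256(b"page-%d" % i).digest() for i in range(4096)
)

# Constructed stand-in for bytes the attacker cannot download (e.g. mouse
# timings). Fixed here so the demo is deterministic.
LOCAL_SECRET = b"\x07mouse-timings-0x2a"


def candidate_methods(corpus_len, chunk=4096):
    """Hypothetical list of sampling methods: 'take `chunk` bytes at offset
    k*chunk'. The list itself is public; only the index is secret."""
    return [(off, chunk) for off in range(0, corpus_len, chunk)]


def sample(corpus, method):
    off, n = method
    return corpus[off:off + n]


def derive_key(pool, local_secret=b""):
    """Hash the 'randomness pool' into a key. Hashing cannot create entropy:
    without local_secret the key depends only on public inputs."""
    return hashlib.sha256(pool + local_secret).digest()


def keystream_xor(key, data):
    """Toy stream cipher: SHA-256 in counter mode, XORed over data."""
    out = bytearray()
    ctr = 0
    while len(out) < len(data):
        out += hashlib.sha256(key + ctr.to_bytes(8, "big")).digest()
        ctr += 1
    return bytes(a ^ b for a, b in zip(data, out))


def victim_encrypt(corpus, secret_method, plaintext, local_secret=b""):
    return keystream_xor(derive_key(sample(corpus, secret_method), local_secret),
                         plaintext)


def attacker_recover(corpus, ciphertext, known_prefix):
    """Attacker knows the corpus and the method list, not the chosen index.
    Cost: one trial per method, i.e. log2(len(methods)) bits of work."""
    for m in candidate_methods(len(corpus)):
        pt = keystream_xor(derive_key(sample(corpus, m)), ciphertext)
        if pt.startswith(known_prefix):
            return m, pt
    return None, None


def effective_entropy_bits(corpus):
    """What the attacker actually has to guess: the method choice."""
    return math.log2(len(candidate_methods(len(corpus))))


def demo():
    """Returns (pool_recovered, entropy_bits, recovered_with_local_secret)."""
    secret_method = candidate_methods(len(PUBLIC_CORPUS))[17]  # victim's pick
    msg = b"ATTACK AT DAWN: the pool is big but the secret is only the method"

    # Public data only: the 4 KiB 'pool' is recovered in at most 32 trials.
    ct = victim_encrypt(PUBLIC_CORPUS, secret_method, msg)
    m, pt = attacker_recover(PUBLIC_CORPUS, ct, b"ATTACK")
    recovered = (m == secret_method and pt == msg)

    # Mix in bytes the attacker does not have: enumeration alone fails.
    ct2 = victim_encrypt(PUBLIC_CORPUS, secret_method, msg, LOCAL_SECRET)
    m2, _ = attacker_recover(PUBLIC_CORPUS, ct2, b"ATTACK")
    return recovered, effective_entropy_bits(PUBLIC_CORPUS), m2 is not None


if __name__ == "__main__":
    print(demo())
```

With a 128 KiB corpus and 4 KiB slices there are 32 methods, so the "GB sized" pool collapses to 5 bits of work; the only thing that changes the attacker's cost is the part of the input he cannot download.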
