Re: True Random Number Generator

On 2010-02-08, Mok-Kong Shen <mok-kong.shen@xxxxxxxxxxx> wrote:
Mok-Kong Shen wrote:

....................... The essence of the
point, I suppose, is that it can be a valuable research enquiry to find
efficient and good entropy combiners such that, by inputing a plaintext
and a sufficiently random key stream, one could achieve a resulting
entropy of 1 - epsilon per bit, .................

Just an observation: If one uses a good block cipher like AES to
encrypt, it is common that a single key is used to process a fairly
long plaintext stream. But the key has at most 128 bits of entropy.
Isn't it a miracle that the resulting ciphertext stream (a result
of combination) has very high entropy? Or is it rather the case that
the ciphertext stream doesn't possess much higher entropy per bit
"after all" in comparison with the plaintext stream (the enhancement
of entropy per bit being at most 128 divided by the (commonly
relatively large) total number of bits being processed) and thus the
achieved security, on which one "believes", were actually an illusion
(cf. optical illusions)?

Of course it is. We know the attack. Try every one of the 2^128 keys and
see which one works. That is the 128 bits of entropy. the problem is
that "try all 2^128 keys" is really really tedious. Ie, this indicates
that if done properly, 128 bits of entropy is sufficient to hide any
text you wish, for all practical purposes. (at least for now). 128 bits
of entropy is really a lot of different states.

M. K. Shen


Relevant Pages