building a true RNG
James A. Donald
jamesd at echeque.com
Tue Jul 30 14:10:02 EDT 2002
--
On 30 Jul 2002 at 17:02, Amir Herzberg wrote:
> I found that when trying to explain and define hash functions
> and their properties, I didn't find a satisfactory definition
> for the `randomness` properties.
Randomness is of course indefinable. A random oracle is however
definable.
If SHA-1 is indistinguishable from a random oracle without prior
knowledge of the input, then we would like to prove that for an
attacker to make use of the loss of entropy that results from the
fact that it is not a random oracle, the attacker would need to
be able to distinguish SHA-1 from a random oracle without prior
knowledge of the input.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
CxPM+cm8zcgy+aC2EA+wlmYH4DUaMzSLmaJFJN6v
225C9EmZaK85VbOoLT5EpF24GeytUdtyW9T/FjXgw
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com