work factor calculation for brute-forcing crypto
David Wagner
daw at cs.berkeley.edu
Sat Jul 18 01:54:03 EDT 2009
>Assume for a moment that we have a random number generator which is
>non-uniform, and we are using it to generate a key.
>
>What I'd like to do is characterize the work factor involved in
>brute-force search of the key space, assuming that the adversary
>has knowledge of the characteristics of the random number generator?
You may want to use the guessing entropy.
I've written about it before here:
http://www.cs.berkeley.edu/~daw/my-posts/entropy-measures
Christian Cachin's thesis is a wonderful introduction to entropy
measures, including the guessing entropy.
By the way, I'll make the obvious recommendation: Try to avoid
using a non-uniform random number generator to generate a cryptographic
key, if you can.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list