Randomness, Quantum Mechanics - and Cryptography
John Denker
jsd at av8n.com
Mon Sep 6 22:49:10 EDT 2010
On 09/05/2010 08:27 PM, Jerry Leichter wrote:
> If you think about the use of randomness in cryptography, what matters
> isn't really randomness - it's exactly unpredictability.
Agreed.
> This is a very
> tough to pin down: What's unpredictable to me may be predictable to
> you,
It's easy to pin down. If it's unpredictable to the attacker,
it's unpredictable enough for all practical purposes.
> and unpredictability "collapses" as soon as the random value is
> "known" ("measured?"). QM unpredictability as described by Conway seems
> much closer to the kind of thing you really need to get crypto results.
You're working too hard. QM is interesting, but it is overkill
for cryptography. Plain old classical thermodynamical randomness
is plenty random enough.
FWIW, quantum noise is just the limiting case of thermal noise in
the limit of high frequency and/or low temperature. There is no
dividing line between the two, by which I mean that the full range
of intermediate cases exists, and the same equation describes both
asymptotes and everything in between. A graph of noise versus
temperature for a simple circuit can be found at
http://www.av8n.com/physics/thermo/partition-function.html#fig-qho
If anybody can think of a practical attack against the randomness
of a thermal noise source, please let us know. By "practical" I
mean to exclude attacks that use such stupendous resources that
it would be far easier to attack other elements of the system.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list