Randomness, Quantum Mechanics - and Cryptography

Perry E. Metzger perry at piermont.com
Wed Sep 8 10:58:56 EDT 2010


On Tue, 7 Sep 2010 22:22:57 -0400 Jerry Leichter <leichter at lrw.com>
wrote:
> On Sep 6, 2010, at 10:49 PM, John Denker wrote:
> > It's easy to pin down.  If it's unpredictable to the attacker,
> > it's unpredictable enough for all practical purposes.
> I was talking about mathematical, even philosophical, underpinnings
> - not "practical purposes".
> 
> In any case, even if you are concerned with practice, the
> statement that something is "unpredictable to the attacker" sounds
> suspect. After all, most junk cryptographic arguments claim that
> some algorithm is "not reversible by the attacker".  One should
> really expect more.

Actually, I've seen a significant number of proofs in the crypto world
that amount to "show that the attacker cannot distinguish these bits
from a set of random bits with probability better than uninformed
guessing".

It appears to be reasonable to think that if the attacker cannot
distinguish a stream from a "true" random stream, or cannot predict
the next bit with better probability than chance, the attacker has no
handle on which to base an attack. I would invite people who are
more versed on this topic to chime in.

Perry

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
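The two notions Perry describes, a distinguisher that cannot beat uninformed guessing and a next-bit predictor that cannot beat chance, made concrete as an added Python example that is not part of the original post. It measures both advantages against a constructed weak generator (the low bit of a small LCG, chosen because its output is trivially structured) and an HMAC-counter generator that the example assumes is pseudorandom.

```python
import hashlib, hmac, secrets

def uniform_bits(n: int) -> list[int]:
    """Reference stream: n bits from the OS entropy source."""
    raw = secrets.token_bytes((n + 7) // 8)
    return [(b >> i) & 1 for b in raw for i in range(8)][:n]

def weak_bits(seed: bytes, n: int) -> list[int]:
    """Low bit of an LCG mod 2**16 (constructed to be weak): with odd multiplier
    and increment the state's parity flips every step, so the stream is 0,1,0,1,..."""
    out, x = [], int.from_bytes(seed[:2], "big")
    for _ in range(n):
        x = (1103515245 * x + 12345) & 0xFFFF
        out.append(x & 1)
    return out

def strong_bits(seed: bytes, n: int) -> list[int]:
    """HMAC-SHA256 over a counter, standing in for a generator believed to be
    pseudorandom (an assumption of this example, not an endorsement of the design)."""
    out, ctr = [], 0
    while len(out) < n:
        block = hmac.new(seed, ctr.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend((b >> i) & 1 for b in block for i in range(8))
        ctr += 1
    return out[:n]

def alternation_distinguisher(bits: list[int]) -> int:
    """Outputs 1 ('generated') when every bit differs from its predecessor."""
    return int(all(a != b for a, b in zip(bits, bits[1:])))

def flip_predictor(prefix: list[int]) -> int:
    """Next-bit predictor: guess the complement of the last bit seen."""
    return 1 - prefix[-1]

def distinguishing_advantage(gen, n: int = 32, trials: int = 400) -> float:
    """|Pr[D(gen)=1] - Pr[D(uniform)=1]| estimated over fresh secret seeds.
    Near 0 means D has no handle; near 1 means the stream is clearly not random."""
    hits_gen = sum(alternation_distinguisher(gen(secrets.token_bytes(16), n)) for _ in range(trials))
    hits_uni = sum(alternation_distinguisher(uniform_bits(n)) for _ in range(trials))
    return abs(hits_gen - hits_uni) / trials

def next_bit_advantage(gen, n: int = 32, trials: int = 400) -> float:
    """Predictor's success rate on bit n given bits 1..n-1, minus the 1/2 of guessing."""
    correct = 0
    for _ in range(trials):
        bits = gen(secrets.token_bytes(16), n)
        correct += flip_predictor(bits[:-1]) == bits[-1]
    return correct / trials - 0.5
```

For the LCG both advantages come out near their maximum (1.0 and 0.5), while for the HMAC generator both sit at the statistical noise floor, which is exactly the "no handle on which to base an attack" condition the post describes.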
