[Cryptography] ideas for (long) Nothing up my sleeve numbers

Miroslav Kratochvil exa.exa at gmail.com
Tue Apr 1 03:48:18 EDT 2014 

 My best guess is "Pi and Euler's number to a very high percision", but
>>> that seems boring.
>>>
>>
>> I doubt that this is the best idea, as they are certainly not
>> pseudo random.
>>
>
> To my eye randomness is much different from "sleeveness" (...)
>

Sampo, thanks for a very detailed explanation, this is something I should
probably have read a bit earlier.

OK, to re-state my original requirements:

1. I need N.U.M.S. numbers so that everyone sees I'm not plotting something,
2. I need the numbers to match the specification of what the SYND's cipher
matrices need to look like.

Now...
1. gets quite trivial from this perspective. As many people here suggested,
I guess that any well-known irrational number will do. There were also
other "multi-authority decision" strategies (I'm extra grateful for the RFC
someone linked), but I'll leave that for bigger&non-pet projects. :]

2. is harder; lets get to coding theory -- so-called "random codes" (which
we are producing by this) actually have extremely high chance of having the
qualities one needs for SYND (e.g. good minimum distance and so). This
chance is usually measured from a random sample of all codes over F_2^n for
some reasonable n, from that they are called "random" and probably from
that I made the mess with using "random" word more than I should. :D

Therefore, for this purpose, it is sufficient that "there's no
(polynomially) recognizable underlying structure that could be used for
decoding" in the matrices; which has been shown to easily reduce to the
fact that the codes look "uniformly random" (words from the paper).

>From this, I guess that the best idea what to do now is:

- generate the N.U.M.S. from everything that has been suggested here
(including bitcoin blockchain :] ),

- run some test for uniform randomness on them (I use 'dieharder' tool for
quicktesting my stuff, are there any better suggestions?)

- run some similar tests for quality of SYND output on those

- choose two best passing entries and use them

So I'm off to statistics. :D

Thanks a lot again,
-mk
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140401/e6d3f8dd/attachment.html>

More information about the cryptography mailing list