[Cryptography] ideas for (long) Nothing up my sleeve numbers
Albert Lunde
atlunde at panix.com
Tue Apr 1 20:10:24 EDT 2014
On 4/1/2014 5:27 PM, Sampo Syreeni wrote:
> Essentially, you want a trusted source of well behaved bits you can be
> sure of isn't under suspicion. The binary development of pi serves well
> there for at least three separate reason. First, it's a fundamental
> constant with a history of study considerable longer than that of the
> other likely candidate, e.[...]
> That means you could probably take any thus far unused part of the
> development as your source. But I think it might just pay off to put in
> an extra step which guarantees that not only do you have to use the next
> portion nobody used yet, but to also expend an amount of effort doing
> so. Also, you probably shouldn't be able to choose where you start your
> extraction, at leaast if you get to choose how many bits you're going to
> extract at the same time. And of course the effort should be roughly
> (asymptotically) equal, whether you took two bits separately or a single
> two bit chunk. [...]
In this kind of construction, the "something up my sleeve" may appear to
be how you picked the starting point and other details.
Also note there are algorithms to compute the Nth digit of pi in various
bases without computing the previous digits, so there is no particular
reason to stick with digits in published literature.
But I'd argue you might as well start at the first non-zero binary digit
of pi, and reduce the degrees of freedom in the choice.
--
Albert Lunde albert-lunde at northwestern.edu
atlunde at panix.com (address for personal mail)
More information about the cryptography
mailing list