[Cryptography] ideas for (long) Nothing up my sleeve numbers
Viktor Dukhovni
cryptography at dukhovni.org
Mon Mar 31 14:20:57 EDT 2014
On Mon, Mar 31, 2014 at 10:47:19AM -0500, Judd Storrs wrote:
> For "nothing up your sleeve" what about using well-known data to
> reproducibly derive the numbers? For example you could use one of the
> typical image processing test images[1] such as cameraman, peppers,
> mandril or Lena using versions taken from curated databases[2].
> Similarly, you could use census data or other government publications
> that are widely archived and curated. The bitcoin blockchain is also a
> possibility--you could process the first 1000 or so bitcoin blocks.
> Whatever processing would have to be simple and the data you rely on
> would have to be unlikely to be crafted by you.
Too many degrees of freedom in choosing real-world data sources.
One really should stick to the *initial* sequence of binary digits
of one of the 3 or so best known irrational numbers.
* sqrt(2) (First to be proved irrational)
* e (First of the well known constants proved transcendental)
* pi (Most famous transcendental)
If none of these yield a sufficiently *generic* (as opposed to
random) sequence of bits, the problem requirements are likely too
narrow to admit a nothing up my sleeve sequence.
If the problem involves algebraic operations on the bit string (as
a large integer rather than bit-wise) one might want to avoid
sqrt(2) since its square is certainly not terribly generic.
--
Viktor.
More information about the cryptography
mailing list