[Cryptography] Entropy is forever ...

R. Hirschfeld ray at unipay.nl
Sun Apr 19 21:14:27 EDT 2015


> Well, on the philosophy list or even the "pure mathematics"
> list you are free to hypothesize any probability measure you
> like, no problem there.  However, crypto depends on real-world
> engineering.  It depends on math also, but not math alone.
>
> By way of analogy:  In pure mathematics, the axioms of Euclidean
> geometry assume a flat space.  If you want to assume that, go
> ahead ... but remember that's just a mathematical fantasy.
> Don't turn around and pretend that you have proved that the
> earth is flat, or that spacetime is flat.
>
> In the world where I live, the metric (i.e. the curvature) is
> not determined by pulling axioms out of some bodily orifice;
> it has to be measured.  By the same token, you cannot assign
> entropy to this-or-that string by cranking up the first Turing
> machine you find lying around.  The entropy is a property of
> the ensemble, not a property of the string.  In fact it is
> an ensemble average, the expectation value of the surprisal.
> It has to be based on measurements, not on philosophy, not
> on arbitrary hypotheses.

I'm not sure exactly what you're driving at with this analogy.  If you
want to live by the latest theories that most closely match empirical
observation to date, great.  But to assert that they are "right" or
"correct" is to take a philosophical position.  And in the real world
it's often more practical to use a "wrong" theory, e.g., traditional
classical mechanics when relativistic effects are negligible.

Anyway, all I was saying is that there is a theory of randomness in
which some individual strings are considered more random than others.
I don't claim any practical relevance to cryptography, so perhaps
indeed that is enough said about it on this list.






More information about the cryptography mailing list