[21575] in cryptography@c2.net mail archive
Re: Linux RNG paper
daemon@ATHENA.MIT.EDU (leichter_jerrold@emc.com)
Fri Mar 24 11:04:48 2006
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: leichter_jerrold@emc.com
To: kelsey.j@ix.netcom.com
Cc: dwmalone@maths.tcd.ie, solinym@gmail.com,
Michael.Heyman@sparta.com, cryptography@metzdowd.com,
zvikag@cs.huji.ac.il, benny@cs.haifa.ac.il
Date: Fri, 24 Mar 2006 09:17:47 -0500
| Min-entropy of a probability distribution is
|
| -lg ( P[max] ),
|
| minus the base-two log of the maximum probability.
|
| The nice thing about min-entropy in the PRNG world is that it leads to
| a really clean relationship between how many bits of entropy we need
| to seed the PRNG, and how many bits of security (in terms of
| resistance to brute force guessing attack) we can get.
Interesting; I hadn't seen this definition before. It's related to a
concept in traditional probability theory: The probability of ruin. If
I play some kind of gambling game, the usual analysis looks at "the
value of the game" strictly as my long-term expectation value. If,
however, I have finite resources, it may be that I lose all of them
before I get to play long enough to make "long-term" a useful notion.
The current TV game show , Deal Or No Deal, is based on this: I've yet
to see a banker's offer that equals, much less exceeds, the expected
value of the board. However, given a player's finite resources - they
only get to play one game - the offers eventually become worth taking,
since the alternative is that you walk away with very little. (For
that matter, insurance makes sense only because of this kind of
analysis: The long-term expectation value of buying insurance *must*
be negative, or the insurance companies would go out of business -
but insurance can still be worth buying.)
-- Jerry
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
