[718] in cryptography@c2.net mail archive
Re: Random numbers from the '60's...
daemon@ATHENA.MIT.EDU (Joshua E. Hill)
Tue May 6 19:49:49 1997
From: "Joshua E. Hill" <jehill@w6bhz.calpoly.edu>
To: colin@nyx.net (Colin Plumb)
Date: Tue, 6 May 1997 16:32:28 -0700 (PDT)
Cc: cryptography@c2.net
In-Reply-To: <9705060507.AA16619@nyx.net> from Colin Plumb at "May 5, 97 11:07:53 pm"
Colin Plumb said:
> What you need is collision freedom. If there are 2^160 possible inputs
> (even if they're thousands of bits long), each of which produces a
> distinct 160-bit output, then clearly no entropy has been lost.

Hmmm... As I recall from Crypto '96, several people assumed that
cryptographic hashes acted as "Random Oracles" (things that were
able to extract entropy from less-than-truly-random sources). Most
of them quickly followed this by saying that this had only weak
foundation in theory, but that it simplified things greatly.

I follow your explanation, and I think that this would apply to an
_ideal_ cryptographic hash. Unfortunately, I don't know that we have
any of those right now...

Josh
-----------------------------Joshua E. Hill-----------------------------
| You can't fight the law of conservation of energy |
| but you sure can bargain with it. |
-------jehill@<gauss.elee|galaxy.csc|w6bhz|tuba.aix>.calpoly.edu--------
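
Added example, not part of either poster's message: a small-scale measurement of the collision-freedom condition discussed in the thread. It assumes SHA-256 truncated to 16 bits as a stand-in for a hash that behaves like a random function, and compares it with a map that is collision-free by construction; the inputs and all function names are constructed for this illustration.

```python
import hashlib
import math
from collections import Counter

BITS = 16  # assumption: a 16-bit toy output so all 2^16 inputs can be enumerated


def truncated_sha256(data: bytes) -> int:
    """Top BITS bits of SHA-256(data): a stand-in for a random-looking hash."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") >> (256 - BITS)


def injective_map(data: bytes) -> int:
    """Collision-free by construction: reads back the counter in the last 4 bytes."""
    return int.from_bytes(data[-4:], "big")


def output_entropy(inputs, fn):
    """(distinct outputs, Shannon entropy in bits) of fn(x) for equally likely x."""
    counts = Counter(fn(x) for x in inputs)
    total = sum(counts.values())
    entropy = -sum(c / total * math.log2(c / total) for c in counts.values())
    return len(counts), entropy


def experiment():
    # Constructed sample: 2^BITS distinct inputs, each 196 bytes long and highly
    # structured, so the input distribution carries exactly BITS bits of entropy.
    prefix = b"constructed-sample-input" * 8
    inputs = [prefix + i.to_bytes(4, "big") for i in range(1 << BITS)]
    results = {}
    for name, fn in (("injective", injective_map),
                     ("truncated_sha256", truncated_sha256)):
        distinct, h_out = output_entropy(inputs, fn)
        results[name] = {"distinct": distinct, "entropy": h_out,
                         "lost": BITS - h_out}
    return results


if __name__ == "__main__":
    for name, r in experiment().items():
        print(f"{name:17s} distinct={r['distinct']:6d} "
              f"entropy={r['entropy']:.3f} lost={r['lost']:.3f} bits")
```

For a random function from 2^n inputs to n-bit outputs, roughly 1 - 1/e (about 63%) of the outputs are hit and a little under one bit of entropy is lost, which is what the truncated hash shows; the injective map loses none.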