1993-01-27 - Randomness and RE>OTPs

Header Data

From: “Scott Collins” <scott_collins@genmagic.genmagic.com>
To: “Cypher Punks” <cypherpunks@toad.com>
Message Hash: 791d4027c3fd30ba891a838278fedc7d2601ba263b0ca27ed175b9d986b085d7
Message ID: <9301271839.AA25190@>
Reply To: N/A
UTC Datetime: 1993-01-27 18:40:15 UTC
Raw Date: Wed, 27 Jan 93 10:40:15 PST

Raw message

From: "Scott Collins" <scott_collins@genmagic.genmagic.com>
Date: Wed, 27 Jan 93 10:40:15 PST
To: "Cypher Punks" <cypherpunks@toad.com>
Subject: Randomness and RE>OTPs
Message-ID: <9301271839.AA25190@>
MIME-Version: 1.0
Content-Type: text/plain


Subject:  Randomness and RE>OTPs

>Does anybody remember a good recipe for converting a biased RNG into an
>unbiased one?  I can't think of one off the top of my head, and that's
>what Thug's friend seems to need.  This has been discussed at length in
>the literature.

1. If you want randomness, introducing order is bad.  As Eric Hughes
pointed out, trimming runs reduces the entropy of the sequence.  You
want to increase the entropy i.e. maximize the surprise.  One good
way to increase the entropy is to compress the 'random' sequence.  The
output of a good compressor has greater entropy than the input.  If the
input is already random, no harm done (again, with a GOOD compressor...
otherwise it is easy to accidentally introduce order).  If the input
has some subtle bias or regularity, the compressor will get rid of it
(at the cost of reducing the total volume of the sequence).  Good
compressors are much better at detecting regularity (and eliminating it)
than human beings.

2. Of course (as Thug stated) you are (also) compressing the plaintext before
you encrypt it.  It is best to do this with an adaptive scheme and an
arithmetic encoder so that a) the entropy of the plaintext is maximized
and so that b) accidentally decrypting something correctly in the middle
of the stream is useless.

My recommendation for a good binary scheme is DMC (dynamic markov compression)
feeding into almost any binary arithmetic encoder (e.g. the Q-coder, et. al.).
I would use this to compress both the plaintext stream before encryption, and
a 'suspect' random number stream.

If there is interest, I will post a bibliography of papers and books
relating to this.

Scott Collins (Scott_Collins@genmagic.com)







Thread