From: tcmay@got.net (Timothy C. May)
Date: Sun, 3 Mar 1996 06:13:04 +0800
To: cypherpunks@toad.com
Subject: Re: Truly Random Numbers
Message-ID: <ad5e01180202100432e2@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:26 PM 3/2/96, Adam Shostack wrote:
>        My expectation would be that your numbers are not random in a
>cryptographic sense, and that this route of attack is much less
>efficient than others that would be used.
>
>        I'll note that PGP does NOT take your data entered and convert
>it to numbers, but takes timings to choose a hard to predict starting
>point for its prime searching.

Yes, which is why I said this in my post:

"...With a reasonable amount of entropy, such as picking the next digit
from several keyboard timings, I expect the 150-decimal-digit number to be
*very* random!"


>        I'd expect this use of timings is better than using the large
>random number you entered, but in a theory sense only.  Both are
>pretty difficult; thats why we like large numbers. :)

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^756839 - 1  | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."