1996-04-13 - Re: Entropy Estimator

Header Data

From: rick hoselton <hoz@univel.telescan.com>
To: cypherpunks@toad.com
Message Hash: 3ba00bbdda798b38942c81074ee779c5476f19d79ceb9bb13afb0c2cedb9d1cb
Message ID: <199604122106.OAA15596@toad.com>
Reply To: N/A
UTC Datetime: 1996-04-13 03:50:48 UTC
Raw Date: Sat, 13 Apr 1996 11:50:48 +0800

Raw message

From: rick hoselton <hoz@univel.telescan.com>
Date: Sat, 13 Apr 1996 11:50:48 +0800
To: cypherpunks@toad.com
Subject: Re: Entropy Estimator
Message-ID: <199604122106.OAA15596@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:19 AM 4/12/96 -0400, JonWienke@aol.com wrote:

>I just added a feature to my entropy graphing program that 
>estimates the number of bits of entropy in the file,

Hey, that's just what I need.  I have these two 8-million byte 
files.  One is a recording made by a geiger counter, every bit 
is uncorrelated with anything else in the universe and each bit 
is equally likely to be a one or a zero.  The second file is an 
IDEA encryption of all the four-byte numbers 
from one to two-million.

Here's my problem.  I can't remember which file is which, and I've 
forgotten sixty-four bits of the key I used to produce the encrypted file.

That's where your technique come in.  The first file has sixty-four 
million bits of entropy.  The second file has only sixty-four bits 
of entropy, total (the missing key bits).  Surely, your technique can 
tell me which file is which.

Estimating entropy can be difficult, and I don't expect perfection.
But any measuring technique that is not a complete HOAX must be able 
to clearly find a difference of six orders of magnitude.  If you tried 
to give me a ruler that couldn't detect the difference between a 
millimeter and a kilometer, I might think you misunderstood 
something about the concept of distance.  If encouraged me to use a 
clock that could not measure the difference between a minute and a year, 
many would conclude that you were not an expert in chronology.

So, if your technique is worth anything at all, it should be able to 
accomplish this easy task.

PS.  I think it is your patriotic duty to report this technique to the 
Federal government.  They frequently need to distinguish between 
ciphertext and just plain random digits.  A breakthrough like this 
would have a major impact on national security.  They might be 
willing to remove ITAR restrictions from cryptography, out of 
gratitude to the cypherpunks.  







Thread