1996-04-13 - RE: Entropy Estimator

Header Data

From: Blake Coverett <blake@bcdev.com>
To: “cypherpunks@toad.com>
Message Hash: 949a12f77e2ad227152f46830131264cd330951f2f5d7d849aad0d7383343c8e
Message ID: <01BB28AF.778AE600@bcdev.com>
Reply To: N/A
UTC Datetime: 1996-04-13 12:37:30 UTC
Raw Date: Sat, 13 Apr 1996 20:37:30 +0800

Raw message

From: Blake Coverett <blake@bcdev.com>
Date: Sat, 13 Apr 1996 20:37:30 +0800
To: "cypherpunks@toad.com>
Subject: RE: Entropy Estimator
Message-ID: <01BB28AF.778AE600@bcdev.com>
MIME-Version: 1.0
Content-Type: text/plain


> them.  So far, the results have been consistent within 20%.  EXE's show 3-4
> entropy bits/byte, ZIP files show 6-7, and DLL's and text files show 1-2.

Hmm... EXEs have twice the average entropy of DLLs??

The structural difference between an EXE and a DLL is
a single flag in the header.  I suspect that either your sample
inputs are highly non-representative or your algorithm for
estimating entropy is badly flawed.

regards,
-Blake






Thread