
# entropy

• ## Entropy extractor for thermal noise collected from camera input

April 6

I have read this paper (pdf) which talks about measuring the entropy of thermal noise collected from camera input. They estimate the minimum entropy at about 4 bits per pixel. Probably estimating 1 bit per color looks to be the safest option from loo

• ## Is the concept of provably secure hash the same as entropy smoothing hash functions?

February 14

Is the concept of provably secure hash the same as entropy smoothing hash functions? In the tutorial Sequences of Games: A Tool for Taming Complexity in Security Proofs V. Shoup shows us a proof of semantic security of a hashed ElGamal encryption. In

• ## Python NLTK: What's the difference between total entropy and per-word entropy?

February 11

I'm required to find both the total cross entropy and per-word cross entropy of a given text using NLTK. Specifically I'm using the entropy function here... http://www.nltk.org/_modules/nltk/model/ngram.html ...but I'm unsure whether this calculates

• ## Calculating entropy in R

February 7

A=c("f","t","t","f","t","f","f","f","t","f") B=c("t","t","t","t","t","f","f","f

• ## Is there a threshold of bits of entropy below which hashing becomes meaningless?

February 3

I just read a help page by a mail provider in which they state that all mobile phone numbers will be stored as a salted hash. This strikes me as interesting, since phone numbers don't contain a lot of entropy: about 31 bits by my calculations. Depend

• ## Is part of an output of secure PRNG also cryptographically secure?

February 3

Let's say I generate 192 bits using some secure PRNG. If I now take the first 128 bits, is it equivalent to generating 128 bits in the first place? P.S. More practical application for me is that I need a machineKey for ASP.NET, I use IIS UI for it and

• ## Decision tree entropy calculation target

February 2

I found several examples of two types. Single feature: given data with only two item classes, for only blue and yellow balls, i.e. we have only one feature, which in this case is color. This is a clear example to show "divide and conquer" rule applicab

• ## Are there any practical ways to transfer random data securely?

January 30

The owner of the random.org service recommends that you do not use randomly generated numbers from their website in cryptographic keys. This makes sense, but it got me wondering. Is it possible to securely transfer random values in such a way that th

• ## Does eliminating the possibility of repeat words make Diceware passwords significantly less secure?

January 28

I read about Diceware passphrases and whipped up a little program to generate passwords in that style. I do this by taking the list of dictionary words to create passwords and "ordering them" by a random number (one produced by System.Security.C

• ## Understanding PHP Session Entropy

January 23

In the session section of php.ini there is a directive called session.entropy_length. I'm aware that it's used to make the generation of the Session ID "more random". How does it make the Session ID more random? What is the maximum length? What

• ## With openssl des3, what are the passphrase parameters?

January 14

I'm using OpenSSL's des3 tool to encrypt a file, e.g. openssl des3 -salt -k SUPER_SECURE_PASSPHRASE < inputFile > outputFile Everything's working, but now I have to choose a final, fixed encryption passphrase. It doesn't need to be memorized, so obv

• ## Is there any practical weakness to using MT19937 to generate passphrases?

January 13

Suppose I use MT19937 to choose random words out of (say) the Diceware word list. I know MT19937 is not considered a cryptographically secure PRNG, but Wikipedia suggests the weakness is rather uninteresting for this purpose: The algorithm in its nat

• ## Is CPU timing jitter a usable entropy source?

January 3

In some virtualized environments, the only source of entropy available is CPU timing jitter. Can one get enough entropy from this source for practical uses? Also, is this secure against local side-channel attacks against unprivileged local attackers?

• ## How is the One Time Pad (OTP) perfectly secure?

December 6

The Wikipedia entry on One Time Pads (OTPs) states that if this cipher is used properly; ie, the keys are truly random and each "part" of the key is independent of every other "part", it's uncrackable, and yields perfect secrecy H(M|C)

• ## Strength of variable-length generated password

December 4

I am contributing to the Word Sequencer plugin for KeePass password manager, which can generate diceware-style passwords using a high-quality PRNG. Something in particular I'm working on is estimating the strength of passwords generated using the too

• ## How much entropy should passphrases for encrypting ssh keys have?

December 1

When one generates keys using ssh-keygen one gets prompted for a passphrase to encrypt the generated key with. How strong should such a passphrase be, entropywise, to withstand a full-blown brute-force dictionary attack? Also, are there any ssh confi

• ## How much entropy is generated by 'random' human keystrokes?

December 1

I'm wondering about using human input as an entropy generator. We all know humans are terrible at making up random numbers or keys or passwords. But what if we let a user 'randomly' type in some garbage. Just smashing the keyboard, so to speak. How m

• ## Reusing same source for single-source randomness extractor

November 29

Let $ext$ be a single-source randomness extractor which takes a $d$-bit seed and an $n$-bit source as input and produces an $m$-bit output. Suppose we have a source $X$ with min-entropy $k$. Is it possible to reuse $X$ with different random seeds $S_1,

• ## Will entropy be lost by using a DRBG?

November 25

Let's assume we have a DRBG (deterministic random bit generator) which is seeded by a good true RBG (random bit generator). Before any bit has been read from the DRBG, the entropy is clearly the number of bits of the seed. But is entropy lost, when I

• ## Securing a Secure Entropy Service

November 24

Many moons ago, I answered a question about Java blocking due to a lack of entropy in /dev/random. (http://security.stackexchange.com/a/53025/41709) My main suggestion was to use /dev/urandom, but I also suggested that in VM environments, urandom sho