Re: monitoring entropy

linux kernel account (linker@nightshade.z.ml.org)
Wed, 15 Oct 1997 14:55:44 -0400 (EDT)


Fine, here is a problem for you.

F = a fixed constant (unknown to you; this is the pool)
T = current time
R[n] = Random output

Given: When R[n] is created F = md5(F+T) and R[n]=sha(F)
(this would be the simplest analogy of the linux random system)
You have a large number of R (say R[n..n+10^10) all taken in
sequence.
Prove: It is likely that you will discover R[n+(10^10)+1] during your
lifetime with the most powerful computers you can afford. (Assume
you upgrade yearly using 25% of your income).

Do you now understand why this argument is silly? Even if you boil this
down to its easiest-to-crack level you are still looking at a very
difficult problem (predicting MD5/SHA). Let it die.

On Wed, 15 Oct 1997, Ingo Molnar wrote:

>
> On Tue, 14 Oct 1997, Colin Plumb wrote:
>
> > It's just that there is a (very hard to compute)
> > correlation between previously read data and subsequent results.
>
> frequently, such 'unpredictability proofs' are just based on _one_
> measurement. But here we can basically 'sample' the pool virtually
> _infinite times_. I can't prove it right now, but I _bet_ if I freeze the
> entropy pool and read /dev/urandom, I will get constant/periodic output,
> isn't it so?
>
> 'freezing' the pool, or polling it much faster than events get added to
> the pool is the same thing ...
>
> grrr! :)
>
> -- mingo
>
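To make the toy model in the post concrete, here is an added implementation of it in Python. It is my example, not code from the post or from the kernel's random driver, and it makes two assumptions the post leaves open: "sha" is taken to be SHA-1, and the time sample T is a 4-byte string. It shows that freezing T (feeding the same T every step) does not make the output constant in this model, because F is rehashed on every extraction, but the whole stream is a deterministic function of the secret F: anyone holding F predicts the next output with two hash calls, and a replay from the same F reproduces the same stream, while a different F with identical T values gives an unrelated stream.

```python
import hashlib

# Toy model from the post: F = md5(F + T), R[n] = sha(F).
# This is an illustration, not the Linux /dev/random algorithm.

TIME_SAMPLE_LEN = 4  # assumption: T is a 4-byte sample


def advance(pool: bytes, t: bytes) -> bytes:
    """One state update: the secret pool F absorbs a time sample T."""
    return hashlib.md5(pool + t).digest()


def extract(pool: bytes) -> bytes:
    """Output R = sha(F); the reader sees a one-way image of F, never F."""
    return hashlib.sha1(pool).digest()  # assumption: 'sha' means SHA-1


def run(pool: bytes, times: list[bytes]) -> tuple[list[bytes], bytes]:
    """Produce one output per time sample; return the outputs and final pool."""
    outs = []
    for t in times:
        pool = advance(pool, t)
        outs.append(extract(pool))
    return outs, pool


def frozen_run(pool: bytes, n: int) -> list[bytes]:
    """'Frozen' pool: no fresh events, so every step sees the same T."""
    outs, _ = run(pool, [b"\x00" * TIME_SAMPLE_LEN] * n)
    return outs


def is_constant(outs: list[bytes]) -> bool:
    """True if the stream degenerated to a single repeated value."""
    return len(set(outs)) == 1


def predict_next(pool_after_n: bytes, next_t: bytes) -> bytes:
    """With the state F in hand, R[n+1] costs exactly one md5 and one sha."""
    return extract(advance(pool_after_n, next_t))


if __name__ == "__main__":
    secret = b"constructed secret pool"   # constructed sample state
    stream = frozen_run(secret, 8)
    print("frozen stream constant?", is_constant(stream))       # False
    print("replay identical?", frozen_run(secret, 8) == stream)  # True
    _, state = run(secret, [b"\x00" * TIME_SAMPLE_LEN] * 8)
    guess = predict_next(state, b"\x00" * TIME_SAMPLE_LEN)
    print("state holder predicts R[9]?", guess == frozen_run(secret, 9)[8])
```

The defender-side reading is the one the thread circles around: the stream only repeats if the state F itself is reset, and it only becomes predictable if F leaks, so protecting and refreshing the pool state matters more than whether readers can poll faster than events arrive.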