Re: [RFC][PATCH] Make cryptoapi non-optional?

[Val Henson]

On Sat, Aug 16, 2003 at 06:27:44AM +0000, David Wagner wrote:
> Val Henson  wrote:
> >If entropy(x) == entropy(y), then:
> >
> >entropy(x) >= entropy(x xor y)
> >entropy(y) >= entropy(x xor y)
> 
> No, that's still wrong.  Please see my earlier email with a counterexample.
> That counterexample disproves not only the earlier claim, but also this more
> recent revised claim.

Sigh.  Yes, I was thinking of the case where x and y already have
maximum entropy, in which case

entropy(x) >= entropy(x xor y)

For any y.  The point I was really trying to make (badly) is that
xoring won't increase entropy on average in this particular case
(folding the output of SHA-1).  In other words, xoring won't make
anything better, and has the possibility of making things worse.  In
any way I evaluate it, folding and truncating are just as good for
this particular case, except that folding costs more
computationally. (The computational cost was significant enough to
have a measurable effect on throughput, so I'm not arm-chair
optimizing here.)

I sacrifice any earlier points I attempted to make on the altar of
hasty mathematics.

-VAL
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/