Matt Crawford wrote:
>
> As some sort of a physicist, I the way the word entropy is used in
> crypto does not bother me at all. It corresponds well with the
> statistical mechanics definition of entropy as a measure of the
> number of microstates of a system which correspond to the same
> macrostate -- for example, the number of ways a given amount of
> energy can be distributed among the molecules.
>
> But
>
> > "the conditional entropy of a measurement given all the information
> > about the measurement that an attacker is expected to acquire,
> > under the threat model for which the present use is being designed."
>
> contains a phrase "conditional entropy" that means nothing at all to
> me, and generally goes "thud" upon the ear.
>
> Matt Crawford
Matt,
"conditional entropy" is defined via conditional probabilities.
It's an information theory term -- the entropy of some variable,
given knowledge of other, related variables. I used it there
because that's what I'm trying to express: what one respondant
called "the attacker's uncertainty" -- assuming the attacker
has some knowledge of my system, inputs, ....
- Carl
--
Carl M. Ellison [EMAIL PROTECTED] http://www.pobox.com/~cme
PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2
``Officer, officer, arrest that man! He's whistling a dirty song.''
[Jean Ellison]
