Luigi Rosa wrote:
Is this a meaningful statement? How do you measure the "entropy" of a seed (which I take to be a string)? And if you can, is it true that you can decrypt a string with low entropy?
You deleted the statement I queried. Here it is "With headless and/or virtual servers the issue is even bigger because Linux could not be able to collect enough entropy to seed /dev/urandom"
The mathematic behind a PRNG (or DRNG to use NIST terminolgy) + Elliptic Curve falls beyond my comprehension, so I have to take for granted what experts say.
I don't believe in "proof by expertise". You used the work "entropy". I'm asking what you mean by it.
The link to PDF I qoted in my previous message goes deep in detail, you can refer to that paper if you need more informations.
You used the word. I'm asking what you meant by it.
There are some models that define or analyze if a sequence is "randomic" you can google around or take a look at http://www.issihosts.com/haveged/ais31.html
The nearest this comes to a definition of "empirical" entropy is "Accumulate the nearest predecessor distance between byte values in a 256000 + 2560 bit sequence and calculate the empirical entropy"
On this basis the digits of pi are random, in which case it would be easy to supply random numbers.