Consider this: Suppose I handed you the digits of pi, the digits from the millionth digit to the two-millionth digit, and I asked you to determine if they are 'random'. By many tests, you'd conclude that they are random. (Or, at least 'normal' http://en.wikipedia.org/wiki/Normal_numbers <http:///> ) But, in reality they are highly non-random, precisely because they are a million sequential digits of pi. But you wouldn't know that, if you didn't know
On Fri, Jan 24, 2014 at 2:00 PM, Jim Bell <jamesdbell8@yahoo.com> wrote: that. Practically, would it matter? Maybe. If an attacker knew that you were using Pi as your "random" stream, I guess that would reduce your "random" stream to a stream cypher with a key of about 24 bits. There are a lot of random-appearing number sequences. Are there enough to add a significant number of bits to the effective key? Against an attacker with the resources to compute and store the first billion digits of a lot of sequences? Meh. I'd started this response with the plan to argue that a slice of Pi is good enough for practical purposes, but I convinced myself otherwise. It's only good enough for security-by-obscurity. Meh. -- Neca eos omnes. Deus suos agnoscet. -- Arnaud-Amaury, 1209