[cryptography] Merkle Signature Scheme is the most secure signature scheme possible for general-purpose use
marsh at extendedsubset.com
Fri Sep 3 15:26:21 EDT 2010
On 09/03/2010 01:22 PM, Ben Laurie wrote:
> On 03/09/2010 17:01, Marsh Ray wrote:
>> I played with some simulations with randomly-generated mappings, the
>> observed value would at times wander over 1.0 BoE/log2 N.
> I think when I did this, I fully enumerated the behaviour of a truncated
> hash (e.g. the first 20 bits of MD5).
I represented the mapping entirely as a table in RAM (it sure is nice
living in the age of the 4 GB laptop). Instead of truncated MD5, I
initialized my table from a good but non-crypto PRNG. Having it in a
table made it practical to do many repeated applications and watch how
the rate of entropy loss varied.
I should clean up that code and graph the output, it seemed to be making
some interesting curves.
More information about the cryptography