As you known the physical ssciences have a set of what one might call
universal constants. Example "c" the speed of light, that turn up on
manay places. As far as I can understand these constants are useful as
a means of deciding whether a proposed theory or construction might be
correct. For example, A theory of electomagnetism might show that "c'"
is a consequence of the theory.

Now I wondered if cryptographic/information theory had such univeral
constants that can eb used in a similar manner. that is constants that
one might look derivable from a new proposal, in order to add weight
to the correctess of the new idea.

For example: might a deivation of an entropy of 2.58 have any
significance?
Does a probability of an event of 2/3 ~= 0.65 have any universal
significance?
Does a value of 0.38 when measuring the number of say the bits
matching between Item 1 and item two have any universal signifiicance?

Do you generally see what I mean by my question?
I mean the derivation of such universal constants from a proposal
would be of great use in theory validation?

Hi,

If you have an aspiration to work in USA and thought the only way to
do that was H1 then this is the mail will greatly help you where you
can fulfill your dream!!!
We file H1 visa for IT candidates having...

earlcolby.pottinger@sympatico.ca wrote:

...and it wouldn't be all that hard to write a program that
tries all common obfuscation techniques, such as reverse
spelling, C for K / K for C, 2 for "two", adding a number
at the end, etc.

Legatus wrote:

It's true whether you doubt it or not.

That just means that an attacker will guess passwords
(16^12 / 2^48 bits) rather than keys (2^128 or 2^256 bits.)

Consider the case of someone using AES-256 encryption with
a one-character alphanumeric password. Will an attacker try
all 2^256 posible keys will he try the 36 possible passwords?

Joseph Ashwood wrote:

Regardless of Darya Gunchenko's next adventure in life, people on the
net will still talk about her.
--

Gadget.zip: Const. Jason Watson #1898, Cst. JASON WATSON #1898, Jason
Watson Peel Regional Police Vice Unit, Const. Sean Gormley...

soldsoldi@yahoo.it writes:

If the passwords are regular english (or italian or whatever) words,
then guessing them will be very fast and 10-12 chars is way too short.

Use a much longer phrase, like 6 or so words chosen randomly from a
dictionary (see www.diceware.com for how to do this). The important
thing is that the words are random, not chosen by someone in a
guessable way.

On 12/23/2008 04:46 AM, soldsoldi@yahoo.it sent:

Some of the posts in this thread are *truly* interesting in an academic
sense. However, the OP's question may not have been satisfactorily
answered. Without stealing this thread, please allow me to restate
the OP's question with a /bit/ more precision for a real world reply:

Phil Carmody yahoo.co.uk> writes:

I have looked into it a little bit further, it looks like the AICPA
publishes audit guidelines and Mozilla accepts audits from other
organizations that follow them, e.g. I see that the Comodo operation
was audited by KPMG (hmm...).

It is probably about the same set in Firefox and MSIE. There is a
fairly open process about getting a cert into Firefox. Maybe not
ideal, but seems pretty reasonable given Mozilla's nonprofit nature:

I'm looking for a good book to read on quality engineering. Any
suggestion? Thanks