Re: Confirmation of Shannon's Mistake about Perfect Secrecy of One-time-pad

On 10月24日, 上午7时32分, matt271829-n...@xxxxxxxxxxx wrote:
On Oct 23, 6:29 pm, hagman <goo...@xxxxxxxxxxxxx> wrote:

On 22 Okt., 23:00, matt271829-n...@xxxxxxxxxxx wrote:

On Oct 22, 8:53 pm, hagman <goo...@xxxxxxxxxxxxx> wrote:> On 22 Okt., 06:22, wangyong <hell...@xxxxxxx> wrote:

<snip>

If I understand you right, then you can get more characters right than
by guessing from the encrypted message found below.

I use the following C code:
#include <stdio.h>
#include <stdlib.h>

int main(int argc, char* argv[] ) {
srand( atoi(argv[1]) );
int limit = atoi(argv[2]) * (RAND_MAX/100);
for (int row = 0; row < 20; ++row) {
for (int col=0; col < 50; ++col)
printf( (rand()<limit)? "0" : "1" );
printf("\n");
}
}

to generate a 1000 character plaintext with P(M=0) = 0.9:
#./foo (non-disclosed-random-seed) 90 > plaintext
and a onetime pad
#./foo (non-disclosed-random-seed) 50 > onetimepad
Just to make sure I cannot change the data afterwards behind your
back:
#cat plaintext onetimepad | md5sum
044fc613804c45291d6e557a1ef265da -

Applying the onetimepad to the plaintext (xor'ing them), I obtain
00001011001110101101100100010000001010101110000010
10100110010110101111100011011101110101010100101011
00011101101111111101111010111101000101111100101000
01000111100101010000000100000110110111100011010111
10110101010111001001100010001010000110100010100100
01110011110001100100111110111110001111100111100111
10000110000111010001000001100011011011000001110000
01100011001010011000000100010000111011111101101000
10101001111101011000100101110111110110000101010001
11010101011110110110000000011011111111111010101111
00101011011101111010000101011111111100000101010100
11011111110011101110011010111000110001011100111110
11011011110001000110101001111110011001101001011010
01100110001101000101110001011000110010110111011001
00111001010000000011101011110010111010011101000111
10111100011110110011111011001010111010111001000010
01110111111101111000101101110010010100001011101100
00111110011000111000000110011001001011111111111110
00001010010111110111110110000000011000011110001110
01111111011000101001011101101100101010110011000010

Your task is to guess the plaintext or rather to be significantly
better than guessing: Simply saying "0000...00" will get ~900
characters
right; producing a new random text with P(M=0)=0.9 would get
about 0.9*900 0's and about 0.1*100 1's correct, in total only ~820.

But can *your* theory produce a suggested decrypted text that
conincides with the plaintext at significantly more than 900
characters? It seems to claim so.
If you can post a text that has 905 or more correct
characters, I'll read your paper more thoroughly
and become one of your supporters.
If you can get 910 or more characters right, you'll have
totally shattered my gut feelings about one-time pads.

Well, the probability that your original message contains >= 905 zeros
is about 0.32, and the probability that it contains >=910 zeros is
about 0.16. So if one ignored the encrypted message and just guessed
all zeros it would not be that remarkable to hit those targets.

I counted the one's and zero's before posting, so you I can assure you
that this method happens not to work for the specific (though
random) text I posted. :)

Hey ... that's CHEATING!!!

(just kidding)

well

.

Relevant Pages
Quantcast