Comment author: Will_Sawin 07 January 2011 09:47:54PM 0 points [-]

This provides an excellent demonstration of E.T. Jaynes's point that making something more random really means making it more complicated.

Comment author: gfrlog 08 January 2011 06:38:35PM 0 points [-]

The point isn't to make it more random, the point is to make it more trustworthy. You can participate in the process and be confident that the result is random without having to put any trust in the other participants.

Comment author: JGWeissman 06 January 2011 09:22:53PM 0 points [-]

The point is there are people who would not realize that you need a salt, or a hash function not vulnerable to collisions. Yes, there are existing solutions for this problem, but even choosing an existing solution from the space of security solutions to different problems is not trivial.

Comment author: gfrlog 06 January 2011 09:49:19PM 1 point [-]

Why does "some people don't know how this works" make it less trivial?

Comment author: JGWeissman 06 January 2011 08:47:52PM 0 points [-]

All you need is a hash function.

A hash function on a die roll is quite vulnerable to a dictionary attack. You could add a salt, but this makes hash collisions easier to take advantage of.

Comment author: gfrlog 06 January 2011 09:13:38PM 0 points [-]

Of course a salt. Not sure why that would make hash collisions easier to take advantage of though. Presumably you use a good hash function.

Comment author: JGWeissman 06 January 2011 07:42:07PM 1 point [-]

A commitment scheme sounds like "security against tampering".

Comment author: gfrlog 06 January 2011 08:32:26PM *  1 point [-]

But there's no paranoia involved. It's cryptographically quite simple. All you need is a hash function.

Contrast with all of the governments and all of their security agents and such and nobody really trusts that it's secure.

Comment author: JGWeissman 06 January 2011 07:26:35PM 1 point [-]

then everybody reveals their numbers together

That is not so easily done.

Comment author: gfrlog 06 January 2011 07:38:25PM 1 point [-]

It is if you use a commitment scheme. Such a thing allows you to commit to a value before revealing it. So you go in two steps -- everybody commits, then everybody reveals. Nobody can change their value after committing, so nobody can base their values on others' values.

Comment author: gfrlog 06 January 2011 07:01:32PM 1 point [-]

I think you could perform the dice rolling experiment without any need for security against tampering. To generate a random number from 0 to N-1, have every interested party generate their own number (roll their own die), then everybody reveals their numbers together and the group adds them all up and takes the remainder after dividing by N.

With that procedure everybody should be convinced that the result is at least as random as their own number.

Powered by Reddit Powered by Reddit