Matt's Crazy Hypothesis

Joel Meulenberg joelmeulenberg at yahoo.com
Sat Jun 3 11:15:29 CDT 2000 

--- Steve Poling <sdpoling at home.com> wrote:
> > >  My current crazy hypothesis:
> > >   If a text file is x, all encryption schemes can be represented
> by
> > > g(x),
> > > and f(x) is a compression scheme, for some x's there exists a
> g(x)
> > > such that f(g(x)) < f(x).
> > >
> > > what do you think?
> 
> I think i don't do enough mathematics.
> 
> if you ever find g() that satisfies your conjecture, you ought not
> use it
> for cryptographic purposes.
> 
> Consider a captain midnight decoder ring cipher. Its entropy will be
> equivalent to the original plaintext, since it's only permuted the
> original
> symbols. Conversely, if g() is cryptographically secure, it will make
> g(x)
> appear more "random" than x. It will flatten the distribution of
> symbols in
> the ciphertext.
> 
> I believe one can prove entropy(g(x)) > entropy(x). I also believe
> one can
> prove that entropy(f(x)) > entropy(x).
> 
> My experience has been that the compression factor of f() is a
> function of
> the original entropy of x. As x grows closer to "random," there is
> less
> structure in x for f() to exploit. As f() grows more efficient,
> entropy(f(x)) grows as well.
> 
> However, since entropy(g(x)) > entropy(x) we should expect encryption
> to
> degrade the compression factor: size(f(g(x)))/size(x) >
> size(f(x))/size(x)
> 
> if size(x) > 0, this implies size(f(g(x))) > size(f(x))
> 
> Now, this doesn't exactly satisfy your conjecture. Because I think
> that all
> the information-theoretic proofs will be true on all sets except
> those of
> lebesgue measure zero. Thus, a pathological file and f() and g() on
> the
> order of weirdness of the Cantor set could sneak past Dr. Shannon
> (who
> invented info theory).

That's kinda what I was thinking (except for that last paragraph : ) ).

Note though that Matt did say "for some x's".

Of course, there are contrived examples of f() and g() which satisfy
Matt's conjecture, but I doubt any serious f() and g() would do so for
most x's.

For (a contrived) example, you could have a compression algorithm, f(),
that does a sort of hardcoded Huffman encoding (i.e.- it has a table of
predefined strings of symbols that it expects will be "common" and
replaces them with shorter strings, but this mapping table is static). 
Now imagine that g() is just a trivial "rot1" (rotate by 1 letter of
the alphabet) encryption scheme.  Ordinarily, a string like "the" would
be pretty common in English text, but now imagine our contrived
compression algorithm doesn't have "the" in it's table, but rather has
"uif".  Since rot1("the") = "uif", our encryption function, g(), plays
right into our compression function, f().  Now imagine that there's a
whole lot of that going on between f() and g().

Sure, this example is simple and totally contrived, but I suppose it
demonstrates that Matt's conjecture could be true - even for "most x's"
for special pairs of f() and g().

+Joel

__________________________________________________
Do You Yahoo!?
Yahoo! Photos -- now, 100 FREE prints!
http://photos.yahoo.com

More information about the grand-rapids-pm-list mailing list