another feature RNGs could provide
Anton Stiglic
astiglic at okiok.com
Wed Dec 21 19:56:14 EST 2005
>Actually, by definition, a cipher should be a permutation from the set
>of plaintexts to the set of ciphertexts. It has to be 1 to 1 bijective
>or it isn't an encryption algorithm.
>
>Therefore, if you want an ergodic sequence of size 2^N, a counter
>encrypted under an N bit block cipher will do it.
>
>Perry
Yes, and the set of keys define a subset of all of the possible permutations
(working on the same size input as the block cipher). The set of all
permutations is a group, but a subset of that is not necessarily a subgroup.
Most security proofs of modes of operations, and others, model a block
cipher as a random permutation.
--Anton
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list