building a true RNG (was: Quantum Computing ...)
Derek Atkins
derek at ihtfp.com
Tue Jul 23 09:56:01 EDT 2002
"John S. Denker" <jsd at monmouth.com> writes:
> > Source --> Digitizer --> Simple hash --> Whitener (e.g., DES)
>
> OK, we have DES as an example of a whitener.
> -- Can somebody give me an example of a "simple hash"
> that performs "irreversible compression" of the required
> kind?
I can give you a number of examples: MD5, SHA-1, ....
> -- Isn't the anti-collision property required of even
> the simplest hash? Isn't that tantamount to a very
> strong "mixing" property? If there's strong mixing in
> the simple hash function, why do we need more mixing
> in the later "whitening" step?
More mixing is never bad in an RNG.. See RFC1750.
> -- What is meant by "cryptologic strength"? Strength
> against what kind of attack? If this means in particular
> the one-way property, why do I need it? I can understand
> why a !!pseudo!! random symbol generator needs the one-way
> property, to protect its internal state, but since my
> generator has no secret state to protect, why do I need
> any cryptologic properties other than mixing?
I think they probably meant cryptographic strength, but I
don't know what was going through their minds. What
do people mean by "authentification"? That's not even
a real world but I see it all the time. To me, I think
people just don't know the right term to use so they
just put down something that sounds right to them, regardless
of its correctness.
-derek
--
Derek Atkins
Computer and Internet Security Consultant
derek at ihtfp.com www.ihtfp.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list