cryptographic ergodic sequence generators?

Greg Rose ggr at qualcomm.com
Sat Sep 6 17:56:46 EDT 2003


At 02:09 PM 9/6/2003 -0400, Perry E. Metzger wrote:
>For making things like IP fragmentation ids and other similar protocol
>elements unpredictable, it would be useful to have what I'll call a
>cryptographic ergodic sequence generator -- that is, a generator that
>will produce a sequence of n bit numbers such that there are no
>repeats until you pass the 2^nth number in the sequence (that is, the
>sequence is a permutation of all 2^n bit numbers) and such that it is
>very difficult to predict what the next number in the sequence might
>be beyond the fact that it will not be one of the numbers seen earlier
>in the sequence. It is also rather important that the generator be
>computationally inexpensive.

The characteristic you ask for is exactly that of an n-bit block cipher in 
Counter Mode. For example, that's exactly why we developed Skip32, which is 
on our web page; we needed an unpredictable but non-repeating 32 bit nonce.

If you aren't prepared to accept the cost of a (scaled down) block cipher, 
then you'll have to restate your requirements.

Greg.

Greg Rose                                       INTERNET: ggr at qualcomm.com
Qualcomm Australia          VOICE:  +61-2-9817 4188   FAX: +61-2-9817 5199
Level 3, 230 Victoria Road,                http://people.qualcomm.com/ggr/
Gladesville NSW 2111    232B EC8F 44C6 C853 D68F  E107 E6BF CD2F 1081 A37C
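
An added example, not part of the original message and not Skip32: a keyed 16-bit permutation run in counter mode, sized for an IP fragmentation id, so every id appears exactly once per 2^16 outputs. The Feistel construction, the HMAC-SHA256 round function, the round count and all names are assumptions chosen for illustration, not a vetted cipher.

```python
import hashlib
import hmac

ROUNDS = 8  # assumption: illustrative round count, not a vetted parameter


class FragIdGenerator:
    """Emits E_k(0), E_k(1), ... where E_k is a keyed 16-bit permutation."""

    def __init__(self, key: bytes):
        # One 256-entry table per round: F_r(x) = first byte of HMAC(key, r || x).
        self._tables = [
            [hmac.new(key, bytes([r, x]), hashlib.sha256).digest()[0]
             for x in range(256)]
            for r in range(ROUNDS)
        ]
        self._counter = 0

    def encrypt(self, block: int) -> int:
        # Balanced Feistel network on two 8-bit halves: a bijection for any F.
        left, right = block >> 8, block & 0xFF
        for table in self._tables:
            left, right = right, left ^ table[right]
        return (left << 8) | right

    def decrypt(self, block: int) -> int:
        # Undo the rounds in reverse order; exists only because E_k is a permutation.
        left, right = block >> 8, block & 0xFF
        for table in reversed(self._tables):
            left, right = right ^ table[left], left
        return (left << 8) | right

    def next_id(self) -> int:
        value = self.encrypt(self._counter)
        self._counter = (self._counter + 1) & 0xFFFF  # wraps after 2^16 ids
        return value


def full_cycle(key: bytes) -> list[int]:
    """Return one complete period of ids (all 65536 values, each once)."""
    gen = FragIdGenerator(key)
    return [gen.next_id() for _ in range(1 << 16)]


if __name__ == "__main__":
    ids = full_cycle(b"constructed demo key")  # constructed sample key
    print(len(set(ids)), [hex(i) for i in ids[:4]])
```

Once the counter wraps, the same key replays the same sequence, so a deployment would rekey before 2^16 ids have been issued.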

