another feature RNGs could provide
Perry E. Metzger
perry at piermont.com
Wed Dec 21 13:46:23 EST 2005
Ben Laurie <ben at algroup.co.uk> writes:
> Jack Lloyd wrote:
>> On Mon, Dec 12, 2005 at 12:20:26AM -0600, Travis H. wrote:
>>> 2) While CTR mode with a random key is sufficient for creating a
>>> permutation of N-bit blocks for a fixed N, is there a general-purpose
>>> way to create a N-bit permutation, where N is a variable? How about
>>> picking a cryptographically strong permutation on N elements, where N
>>> is not necessarily a power of 2?
>>
>> Use can use the Bear or Lion constructions to form 2^{arbitrary} bit block
>> ciphers quite easily.
>
> Good ciphers aren't permutations, though, are they? Because if they
> were, they'd be groups, and that would be bad.
Actually, by definition, a cipher should be a permutation from the set
of plaintexts to the set of ciphertexts. It has to be 1 to 1 bijective
or it isn't an encryption algorithm.
Therefore, if you want an ergodic sequence of size 2^N, a counter
encrypted under an N bit block cipher will do it.
Perry
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list