EDP (entropy distribution protocol), userland PRNG design
Travis H.
solinym at gmail.com
Wed Oct 19 14:09:50 EDT 2005
On 10/18/05, Jack Lloyd <lloyd at randombit.net> wrote:
> Peter Gutmann has several good papers on RNG design, as have some folks
> currently or formerly associated with Counterpane (ie Wagner, Kelsey, Hall,
> ...). It is worth reading their analysis papers as well as their design papers,
> especially the ones that cover fielded PRNG designs.
It's interesting that you mention that, because that counterpane paper,
http://www.schneier.com/paper-prngs.html
points out several flaws in the ANSI X9.17 PRNG.
> mentioned, "oversampling won't help you generate random bits any faster; you
> will get more bits but no more randomness."
Yeah... in most cases you'll get serial-correlated (autocorrelated)
bits, and then if you're using a von Neumann corrector, you'll get
bias, and if you have bias you'll be unhappy, and if you're unhappy
you'll sleep a lot, and we can't be having that.
> However, I don't see how you are protecting the confidentiality of the data at
> all in your current design.
Well, you transmit the data, and then it gets encrypted with a random
key before it is used... effectively this is a one-way function, so
you'd have to mount a search on the key used if you want to be able to
interpret how the network traffic is used downstream.
Of course you'd want a cipher such that encryption with a random key
doesn't introduce any bias.
--
http://www.lightconsulting.com/~travis/ -><-
"We already have enough fast, insecure systems." -- Schneier & Ferguson
GPG fingerprint: 50A1 15C5 A9DE 23B9 ED98 C93E 38E9 204A 94C2 641B
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
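The oversampling point in the exchange above is easy to see in a small simulation. The following is an added example, not code from the thread or from any of the designs it mentions: it models an oversampled slow signal as a constructed two-state source that repeats its previous sample with probability `p_stay` (an assumption, not a measurement of any real hardware), runs a plain von Neumann corrector over it, and compares the result with what the corrector does on an independent but biased source, the case it was designed for.

```python
import random


def vn_corrector(bits):
    """Von Neumann corrector: consume non-overlapping bit pairs, emit 0 for
    the pair 01 and 1 for the pair 10, discard 00 and 11.  Returns the output
    bits and the number of pairs consumed so the yield can be computed."""
    out = []
    pairs = 0
    for i in range(0, len(bits) - 1, 2):
        a, b = bits[i], bits[i + 1]
        pairs += 1
        if a != b:
            out.append(a)  # 01 -> 0, 10 -> 1
    return out, pairs


def iid_source(n, p_one=0.5, seed=1):
    """Independent bits with P(1) = p_one: biased, but no serial correlation.
    This is the source model the corrector's proof assumes."""
    rng = random.Random(seed)
    return [1 if rng.random() < p_one else 0 for _ in range(n)]


def oversampled_source(n, p_stay=0.9, seed=1):
    """Constructed model of a slowly varying signal sampled far faster than it
    changes: each sample repeats the previous one with probability p_stay, so
    consecutive bits are strongly autocorrelated.  The parameters are
    illustrative assumptions, not properties of any particular device."""
    rng = random.Random(seed)
    bits = [rng.randrange(2)]
    for _ in range(n - 1):
        prev = bits[-1]
        bits.append(prev if rng.random() < p_stay else 1 - prev)
    return bits


def stats(bits):
    """Return (mean, lag-1 autocorrelation) of a bit sequence.  A good output
    has mean close to 0.5 and lag-1 autocorrelation close to 0."""
    n = len(bits)
    mean = sum(bits) / n
    var = sum((b - mean) ** 2 for b in bits) / n
    if var == 0:
        return mean, 0.0
    cov = sum((bits[i] - mean) * (bits[i + 1] - mean)
              for i in range(n - 1)) / (n - 1)
    return mean, cov / var


def analyze(source_bits):
    """Run the corrector over a source and summarise what came out."""
    out, pairs = vn_corrector(source_bits)
    mean, lag1 = stats(out)
    return {"yield": len(out) / pairs, "mean": mean, "lag1": lag1}


if __name__ == "__main__":
    n = 200_000
    print("iid biased source      :", analyze(iid_source(n, p_one=0.7)))
    print("oversampled source      :", analyze(oversampled_source(n, p_stay=0.9)))
    print("raw oversampled lag-1   :", stats(oversampled_source(n, p_stay=0.9))[1])
```

On the independent biased source the corrector behaves as advertised: about 42% of the pairs are kept, the output mean sits at 0.5 and the lag-1 autocorrelation is near zero. On the oversampled source the raw bits have a lag-1 autocorrelation around 0.8, and after correction the output is still balanced on average but only about a tenth of the pairs survive and successive output bits are clearly dependent (a lag-1 autocorrelation around -1/3 in this model, because a flip captured from state 1 is always a 10 pair and the next captured flip is most often the 01 pair back). The corrector repairs bias in independent bits; it does not manufacture independence, so sampling faster than the underlying signal changes buys throughput on paper and nothing in entropy.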