Looking through a modulo operation

lists at notatla.org.uk
Tue Jul 22 22:46:47 EDT 2008


"Matt Ball" <matt.ball ieee.org> wrote

> Here is a C implementation of __random32:
> 
> #include <stdint.h>
> typedef uint32_t u32;   /* must be exactly 32 bits; unsigned long is 64 bits on LP64 */
> struct rnd_state { u32 s1, s2, s3; };
> static u32 __random32(struct rnd_state *state)
> {
> #define TAUSWORTHE(s,a,b,c,d) ((s&c)<<d) ^ (((s <<a) ^ s)>>b)
> 
>     state->s1 = TAUSWORTHE(state->s1, 13, 19, 4294967294UL, 12);
>     state->s2 = TAUSWORTHE(state->s2,  2, 25, 4294967288UL, 4);
>     state->s3 = TAUSWORTHE(state->s3,  3, 11, 4294967280UL, 17);
> 
>     return (state->s1 ^ state->s2 ^ state->s3);
> }

I see TAUSWORTHE (briefly tested with the above constants) isn't a
permutation of the 32-bit input state and is going to get very dull
when s is 0.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
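The two properties the reply points at, the fixed point at zero and the lack of injectivity, can be checked directly. The following is an added example written for this page, not code from Matt Ball's message or from the kernel. It uses the three (a, b, c, d) parameter sets quoted above; the `struct taus_params` type, the function names, and the seed thresholds derived in `state_is_degenerate` are this example's own, worked out from the masks and shifts rather than taken from the post.

```c
/* Added example (not from the original post): probes the quoted TAUSWORTHE
 * step for the fixed point at zero and for non-injectivity, using the three
 * parameter sets quoted above. Type and function names are this example's own. */
#include <stdint.h>
#include <stdio.h>

struct taus_params { int a, b; uint32_t c; int d; };

/* The three (a, b, c, d) parameter sets from the quoted __random32. */
static const struct taus_params PARAMS[3] = {
    {13, 19, 4294967294UL, 12},
    { 2, 25, 4294967288UL,  4},
    { 3, 11, 4294967280UL, 17},
};

/* One component step: the quoted macro with a fixed-width 32-bit type so the
 * masks and shifts behave identically on 32- and 64-bit hosts. */
static uint32_t tausworthe(uint32_t s, const struct taus_params *p)
{
    return ((s & p->c) << p->d) ^ (((s << p->a) ^ s) >> p->b);
}

/* Count the low input bits the step discards entirely: bit i is dropped when
 * c masks it out and both copies made by (s<<a)^s, at positions i and i+a,
 * sit below the right shift b. A dropped bit cannot influence the output, so
 * the step cannot be a permutation of the full 32-bit state. */
static int ignored_low_bits(const struct taus_params *p)
{
    int n = 0;
    while (n < 32 && !((p->c >> n) & 1u) && n + p->a < p->b)
        n++;
    return n;
}

/* Zero is a fixed point: every term of the step is zero when s is zero. */
static int zero_is_fixed_point(const struct taus_params *p)
{
    return tausworthe(0, p) == 0;
}

/* Concrete collision: flipping the ignored low bits of s leaves the output
 * unchanged, so two distinct states share one successor. */
static int collides_with_low_bits_flipped(const struct taus_params *p, uint32_t s)
{
    uint32_t mask = (1u << ignored_low_bits(p)) - 1u;
    uint32_t t = s ^ mask;
    return mask != 0 && t != s && tausworthe(s, p) == tausworthe(t, p);
}

struct rnd_state { uint32_t s1, s2, s3; };

/* The full generator step, as quoted, over the three components. */
static uint32_t random32_step(struct rnd_state *st)
{
    st->s1 = tausworthe(st->s1, &PARAMS[0]);
    st->s2 = tausworthe(st->s2, &PARAMS[1]);
    st->s3 = tausworthe(st->s3, &PARAMS[2]);
    return st->s1 ^ st->s2 ^ st->s3;
}

/* Run n steps from a copy of st and report whether every output was zero. */
static int outputs_all_zero(struct rnd_state st, int n)
{
    for (int i = 0; i < n; i++)
        if (random32_step(&st) != 0)
            return 0;
    return 1;
}

/* Seed check: a component whose only set bits are the ignored ones
 * (s < 1 << ignored_low_bits) is wiped to zero by the first step and never
 * recovers, so a seeding routine has to reject or adjust such values. */
static int state_is_degenerate(const struct rnd_state *st)
{
    const uint32_t s[3] = { st->s1, st->s2, st->s3 };
    for (int i = 0; i < 3; i++)
        if (s[i] < (1u << ignored_low_bits(&PARAMS[i])))
            return 1;
    return 0;
}

int main(void)
{
    for (int i = 0; i < 3; i++)
        printf("s%d: ignores %d low bit(s), zero fixed point: %s, "
               "collision at 0x12345678: %s\n",
               i + 1, ignored_low_bits(&PARAMS[i]),
               zero_is_fixed_point(&PARAMS[i]) ? "yes" : "no",
               collides_with_low_bits_flipped(&PARAMS[i], 0x12345678u) ? "yes" : "no");

    struct rnd_state bad = { 1, 7, 15 };   /* constructed: non-zero seed that dies */
    struct rnd_state ok  = { 2, 8, 16 };   /* constructed: smallest surviving values */
    printf("{1,7,15} degenerate: %d, stuck at zero: %d\n",
           state_is_degenerate(&bad), outputs_all_zero(bad, 16));
    printf("{2,8,16} degenerate: %d, stuck at zero: %d\n",
           state_is_degenerate(&ok), outputs_all_zero(ok, 16));
    return 0;
}
```

The point of `state_is_degenerate` is that "s is 0" is not the only dull seed: any component below 2, 8 or 16 respectively has only ignored bits set, so the first step zeroes it and the all-zero fixed point then swallows the whole generator.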
