CSPRNG algorithms
Jonathan Thornburg
jthorn at astro.indiana.edu
Fri May 1 10:49:53 EDT 2009
On Sat, Mar 14, 2009 at 3:16 AM, Travis
<travis+ml-cryptography at subspacefield.org> wrote:
> I have never seen a good catalog of computationally-strong
> pseudo-random number generators. It seems that everyone tries to roll
> their own in whatever application they are using, and I bet there's a
> lot of waste and inefficiency and re-inventing the wheel involved.
>
> Is this true, or is there a survey somewhere? If not, would people
> like to help me create one by emailing me references to extant PRNG
> definitions?
There's a nice survey, with some advice on how to construct a "good"
PRNG, at
J. Kelsey, B. Schneier, D. Wagner, and C. Hall
"Cryptanalytic Attacks on Pseudorandom Number Generators"
Fast Software Encryption, Fifth International Workshop Proceedings
(March 1998), Springer-Verlag, 1998, pp. 168-188.
http://www.schneier.com/paper-prngs.html
ABSTRACT: In this paper we discuss PRNGs: the mechanisms used by
real-world secure systems to generate cryptographic keys,
initialization vectors, "random" nonces, and other values assumed
to be random. We argue that PRNGs are their own unique type of
cryptographic primitive, and should be analyzed as such. We propose
a model for PRNGs, discuss possible attacks against this model,
and demonstrate the applicability of this model (and our attacks)
to four real-world PRNGs. We close with a discussion of lessons
learned about PRNG design and use, and a few open questions.
The authors' reputations suggest their advice is probably excellent...
ciao,
--
-- "Jonathan Thornburg [remove -animal to reply]" <jthorn at astro.indiana-zebra.edu>
Dept of Astronomy, Indiana University, Bloomington, Indiana, USA
"C++ is to programming as sex is to reproduction. Better ways might
technically exist but they're not nearly as much fun." -- Nikolai Irgens
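As an added illustration that is not part of the thread above and is not the construction from the cited paper, the following Python sketches the three properties the paper's PRNG model asks for (output must not reveal state, learning the current state must not reveal past output, and fresh entropy must let the generator recover from a state compromise) in a toy hash-based generator. The class name, the domain-separation labels, the 32-byte minimum seed and the sample seed are all constructed for this example; it is a teaching model, not a standardized DRBG.

```python
import hashlib

MIN_SEED_BYTES = 32  # assumption for this example: insist on 256 bits of seed material


class ToyForwardSecurePRNG:
    """Constructed teaching example of a hash-based PRNG with a one-way
    state ratchet and explicit reseeding. Not a standard algorithm."""

    def __init__(self, seed: bytes):
        # A guessable seed defeats any PRNG, so refuse short ones outright.
        if len(seed) < MIN_SEED_BYTES:
            raise ValueError("seed too short")
        self._state = hashlib.sha256(b"init|" + seed).digest()
        self._counter = 0

    @classmethod
    def from_state(cls, state: bytes) -> "ToyForwardSecurePRNG":
        """Build a generator from a raw state; used only to model a state compromise."""
        obj = cls.__new__(cls)
        obj._state = state
        obj._counter = 0
        return obj

    @property
    def state(self) -> bytes:
        return self._state

    def generate(self, n: int) -> bytes:
        """Return n pseudorandom bytes, then ratchet the state one-way."""
        out = bytearray()
        while len(out) < n:
            block = hashlib.sha256(
                b"out|" + self._state + self._counter.to_bytes(8, "big")
            ).digest()
            self._counter += 1
            out += block
        # One-way update: whoever later learns the new state cannot run this
        # backwards to recover the state that produced the bytes just returned.
        self._state = hashlib.sha256(b"ratchet|" + self._state).digest()
        self._counter = 0
        return bytes(out[:n])

    def reseed(self, entropy: bytes) -> None:
        """Mix fresh entropy into the state so a compromised state is replaced."""
        self._state = hashlib.sha256(b"reseed|" + self._state + entropy).digest()
        self._counter = 0


def is_deterministic(seed: bytes, n: int = 64) -> bool:
    """Two generators seeded identically must produce identical output."""
    return ToyForwardSecurePRNG(seed).generate(n) == ToyForwardSecurePRNG(seed).generate(n)


def past_output_hidden_from_state_capture(seed: bytes) -> bool:
    """Model an attacker who captures the state after the first output was produced:
    they can predict future output (hence the need to reseed) but not the past one."""
    prng = ToyForwardSecurePRNG(seed)
    first = prng.generate(32)
    attacker = ToyForwardSecurePRNG.from_state(prng.state)  # compromise happens here
    predicted_next = attacker.generate(32)
    return predicted_next != first and predicted_next == prng.generate(32)


def reseed_recovers_from_compromise(seed: bytes, fresh_entropy: bytes) -> bool:
    """After the real generator reseeds with entropy the attacker never saw,
    the attacker's copy of the state no longer predicts its output."""
    prng = ToyForwardSecurePRNG(seed)
    prng.generate(32)
    attacker = ToyForwardSecurePRNG.from_state(prng.state)
    prng.reseed(fresh_entropy)
    return attacker.generate(32) != prng.generate(32)


def rejects_short_seed(seed: bytes) -> bool:
    try:
        ToyForwardSecurePRNG(seed)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    SEED = bytes(range(32))  # constructed sample seed for the demonstration
    print("deterministic:", is_deterministic(SEED))
    print("past output hidden after state capture:", past_output_hidden_from_state_capture(SEED))
    print("reseed breaks attacker prediction:", reseed_recovers_from_compromise(SEED, b"fresh" * 8))
    print("short seed rejected:", rejects_short_seed(b"short"))
```

The ratchet gives forward secrecy for past output, but it does nothing against an attacker who already holds the current state; only mixing in entropy they cannot see (the `reseed` step) ends their ability to predict future output, which is why the two properties are shown separately.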