[Cryptography] new PRNG family

Andreas Briese ab at bri-c.de
Fri Dec 5 02:30:19 EST 2014

Am 04.12.2014 um 22:20 schrieb Ray Dillinger <bear at sonic.net>:

> Well, I don't mean to be dismissive, but rounding means information loss
> from your generator, and every time you lose information from
> your generator you get a halfbit closer to being in a known state.

Not being a native english speaker, i don't know exactly how to interpret your intro, but i reassure you, i very much appreciate this dialog.

> To put it another way, your generator will gravitate fairly quickly
> onto cycles where there is no rounding at all (more precisely onto
> cycles where the rounding happens in the same direction every time
> through the cycle).

> This matters because the ratio of unreachable to reachable states
> is likely to be very large.  If it turns out that most of your
> possible states are unreachable, then your generator necessarily
> has much shorter cycles than it could, because none of those
> unreachable states are on the cycles.  And we still haven't
> considered how much the periods are shortened by the states
> being divided up among multiple cycles  or how to tell how
> many different cycles there are.
> This is all general statistics, not real analysis of the specifics
> of your particular generator.
> 				Bear

i would like to put in my words, would you please indicate, if i am on the right track:

looking at one log map:

1. the log map calc can have a number $nI$ of inputs that result in $nO$ outputs - need to assess both.
2. since $nD$ input numbers (call them BadNumbers) will result in the same output we have an information loss relative to this.
3. i need to get information on $nO$ / ($nI$ - $nD$) 

4. i need to know how often 'BadNumbers' are reached ~ leaf nodes - if this is not evenly distributed

I think i get into less a statical but practical problem here. Since log map is chaotic and the number of possible inputs is limited by the FP representation of numbers between 0..1 being 2^51 ?(my question from the last post) the $nI$ would be this. 
2^51 * 8 is  36 028 797 018 963 968 bytes 

Because of 'chaotic' it should be unpossible to extrapolate - anyway, even if i try to predict from a sample set of 1:10^6 i would need to manage
36 028 797 018 bytes only talking about the input numbers - which i simply can't.

Or should i try and see how far i can go?
Any suggestions?


> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography

More information about the cryptography mailing list