[Cryptography] Simple key derivation function based on card shuffling

[Jerry Leichter]

Actually, thinking about this further:  The initial output array alternates 0's and 1's, 0's first.  When you split it in half, the two halves are identical, alternating 0's and 1's, 0's first.  So actually for the first pass over the output, the input is irrelevant:  Both halves contribute 0's, so you append 00, then 11, etc.  After a complete pass, the output array is 00110011....  If the length of the output is divisible by 4, the two halves are again identical, and again the input doesn't matter.  You double the lengths of the streams, producing 00001111....  This keeps happening for the first k passes, where k is the largest value such that 2^k divides the length, in bits, of the output array.  Your output array is 512 bytes, so k is 9, so you'll end up with the state array consisting of 256 0's followed by 256 1's.  Only at that point will the input actually matter; and the output at the next pass will effectively be a copy of the input, with 0 encoded as 01 and 1 encoded as 10.

After that it's harder to follow but this doesn't seem like a promising start....

                                                        -- Jerry