RE: key material

From: Don Parker (dparker_at_rigelksecurity.com)
Date: 04/23/04

  • Next message: Henrik Bøgh: "Re: unpacking UPX or PE-packed binaries"
    Date: Fri, 23 Apr 2004 16:01:24 -0400 (EDT)
    To: "Burton M. Strauss III" <BStrauss@acm.org>, <vuln-dev@securityfocus.com>
    
    

    Hello, well as you mentioned yes the initial fill of the prng will dictate the length of
    the lrs (linear recursive sequence) ie: an R6. So the initial fill of the R6 could be
    like 010011. That being said you also get into maximal and non-maximal length lrs's as
    well. You can also get into specific tap points as well on the prng. I would suggest you
    head down to www.security-forums.com and post in the crypto forum. There is a guy there
    called JustinT who is very much a crypto guru.

    Cheers,

    Don

    -------------------------------------------
    Don Parker, GCIA
    Intrusion Detection Specialist
    Rigel Kent Security & Advisory Services Inc
    www.rigelksecurity.com
    ph :613.249.8340
    fax:613.249.8319
    --------------------------------------------

    On Apr 23, "Burton M. Strauss III" <BStrauss@acm.org> wrote:

    Remember, while a PRNG may GENERATE more bits, the initial random pool caps
    the total randomness.

    Suppose you generate 5 numbers using any PRNG you like. If the seed is only
    1 bit(0 or 1), there are only TWO patterns you will see. Period. If the
    seed is two bits, there are 4 patterns, etc.

    This surfaced recently in some of the lottery machines - small seed space
    and the machines were frequently reset - meaning that the 'quick pick'
    tickets covered only a small % of the number space.

    -----Burton

    > -----Original Message-----
    > From: Greg Kilford [mailto:greg_kilford@hotmail.com]
    > Sent: Thursday, April 22, 2004 12:29 PM
    > To: vuln-dev@securityfocus.com
    > Subject: key material
    >
    >
    > Hi everyone,
    >
    > I was juz discussing with my pals the other day on the
    > appropriate initial
    > input bit size to seed a PRNG of the structure below for it to be used to
    > generate the random bits for RSA key material of modulus 1024
    > bits or 2048
    > bits. Anyone know what would be the ideal length/size of A so
    > that there is
    > sufficient entropy to generate the key material for RSA 1024/2048
    > bits keys?
    >
    > A: Initial input seed of x bit size and fed into the 3DES x9.17
    > PRNG in 64
    > bit blocks.
    > B: A constant key of 128 bits (112 bits effective). Does not change with
    > each loop of output block O.
    > C: Initialization vector - 64 bits size with initial fixed value and fed
    > back with each loop.
    > O: Output of 64 bit block with each loop for RSA 1024/2048 key material.
    >
    > Initial total of x bits as seed
    > (feeding in 64-bit block feed)
    > A
    > |
    > \|/
    > x9.17 PRNG V
    > ----------------------
    > | |
    > | |<------ B (128bits with 112 bits effective)
    > : Constant
    > value for all loops
    > | |
    > | 3DES |
    > | |
    > | |<-------
    > | | |
    > ---------------------- |
    > | | | C (64 bit IV) : Initial fixed IV.
    > Changed/feedback with every loop.
    > | | |
    > | -----------|
    > |
    > \|/
    > V
    > O
    > Output Random Stream
    > (in 64 bit blocks)
    >
    > _________________________________________________________________
    > MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*.
    > <a href='http://join.msn.com/?page=features/virus'>http://join.msn.com/?
    page=features/virus</a>
    >


  • Next message: Henrik Bøgh: "Re: unpacking UPX or PE-packed binaries"

    Relevant Pages

    • key material
      ... sufficient entropy to generate the key material for RSA 1024/2048 bits keys? ... back with each loop. ... x9.17 PRNG V ... Output Random Stream ...
      (Vuln-Dev)
    • RNG
      ... A constant key of 128 bits. ... back with each loop. ... x9.17 PRNG V ... Output Random Stream ...
      (Vuln-Dev)
    • key material
      ... sufficient entropy to generate the key material for RSA 1024/2048 bits keys? ... back with each loop. ... x9.17 PRNG V ... to facilitate one-on-one interaction with one of our expert instructors. ...
      (Security-Basics)
    • RE: key material
      ... the total randomness. ... Suppose you generate 5 numbers using any PRNG you like. ... > back with each loop. ... > Output Random Stream ...
      (Vuln-Dev)
    • RE: key material
      ... then after that the output stream O could be drawn to provide the bits for ... argument is that the symmetric and asymmetric crypto "strength" would means ... >Remember, while a PRNG may GENERATE more bits, the initial random pool caps ... >> back with each loop. ...
      (Vuln-Dev)