Re: ANNOUNCE: New "Leopard7" CSPRNG !
From: Scott Fluhrer (sfluhrer@ix.netcom.com)
Date: 02/21/03
- Next message: Panu Hämäläinen: "Re: SRP protocol plaintext equivalence query"
- Previous message: Cyber Vagrant: "Initializing GFSR Generators."
- In reply to: Mrsjunecarey: "ANNOUNCE: New "Leopard7" CSPRNG !"
- Next in thread: Tom St Denis: "Re: ANNOUNCE: New "Leopard7" CSPRNG !"
From: "Scott Fluhrer" <sfluhrer@ix.netcom.com>
Date: Thu, 20 Feb 2003 22:44:37 -0800
Mrsjunecarey <mrsjunecarey@aol.com> wrote in message
news:20030220141802.05172.00000012@mb-fb.aol.com...
> http://wizardsworks.org/~robin/leopard.html
If you initialize the rng with the 4 byte key "Foo2" (in ASCII), then after
outputting 747251 bytes, the output starts cycling, with a cycle length of
256. This contradicts criterion (2) "Large cycle length in all cases.", and
for that matter (1) "Cryptographically secure.". In addition, even before
it gets to that point, leopard has at least two strong biases: (a) it
outputs the same byte twice far less often than expected, and (b) it has a
strong bias for outputting the internal value of x, and thus it doesn't meet
criterion (3) "No output bias."
-- poncho
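
The two output-only checks the post describes (a short cycle in the tail of the output, and the rate of a byte repeating its predecessor), as an added example that is not part of the original post and is not Leopard7 code. Leopard7 is not reproduced here, so a constructed byte stream with a known 1000-byte preperiod and a 256-byte cycle stands in for generator output; all function names are hypothetical.

```python
def tail_cycle(stream: bytes, max_period: int = 4096, min_repeats: int = 3):
    """Return (preperiod, period) if the end of `stream` is periodic, else None.

    Picks the smallest period p whose periodic run reaches the end of the
    stream and spans at least min_repeats * p bytes (min_repeats >= 2).
    """
    n = len(stream)
    for p in range(1, max_period + 1):
        if min_repeats * p > n:
            break  # not enough data left to confirm a period this long
        if stream[n - 2 * p:n - p] != stream[n - p:]:
            continue  # last two p-byte blocks differ: tail is not p-periodic
        i = n - p - 1
        while i >= 0 and stream[i] == stream[i + p]:
            i -= 1  # extend the periodic run backwards as far as it holds
        start = i + 1
        if n - start >= min_repeats * p:
            return start, p
    return None


def adjacent_repeats(stream: bytes):
    """Return (observed, expected) counts of bytes equal to their predecessor.

    For uniform independent bytes the expected count is (len - 1) / 256.
    """
    observed = sum(a == b for a, b in zip(stream, stream[1:]))
    return observed, (len(stream) - 1) / 256


def constructed_stream(prefix_len: int = 1000, repeats: int = 8) -> bytes:
    """Constructed sample data (NOT Leopard7 output): prefix, then a 256-byte cycle."""
    prefix = bytes((3 * i) % 251 for i in range(prefix_len))
    cycle = bytes((5 * j + 1) % 256 for j in range(256))  # permutation of 0..255
    return prefix + cycle * repeats


if __name__ == "__main__":
    data = constructed_stream()
    print("tail cycle (preperiod, period):", tail_cycle(data))
    obs, exp = adjacent_repeats(data)
    print(f"adjacent repeats: observed {obs}, expected about {exp:.1f}")
```

On real generator output, capture several multiples of the suspected period past the point where cycling starts, since `min_repeats` periods must be present before a cycle is reported.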