Re: More about MT19937 in crypto
From: Mok-Kong Shen (mok-kong.shen@t-online.de)
Date: 03/06/03
From: Mok-Kong Shen <mok-kong.shen@t-online.de> Date: Thu, 06 Mar 2003 10:01:33 +0100
Mok-Kong Shen wrote:
>
> Benjamin Goldberg wrote:
> >
> [snip]
> > You're given input bits; take them two at a time, and process them as
> > follows:
> >
> > A B
> > 00 - 0
> > 01 1 -
> > 10 0 -
> > 11 - 1
> >
> > The bits of the A column get output directly, and the bits of the B
> > column get sent to the next computation unit to be unbiased in an
> > identical manner.
> [snip]
>
> No question that this processing is o.k. I just want
> to say that the above table reminds me of some
> similarity (not identity!) with that of JK-flipflop
> which I vaguely remember was mentioned somewhere
> as a way of postprocessing bit streams. (It certainly
> hasn't the good theoretical basis as the above, if
> I don't err.)

I do think now that one could give a rationale for
the scheme as follows: Let's suppose that all the
bits emitted by the device up to a certain point are
unbiased. If the following input is 01 or 10, then
one adds one unbiased bit according to von Neumann.
If the following input is 00 or 11, with probabilities
unequal, say, q and 1-q, and let the last emitted
bit be u, then one has probability of q to add
a bit the same as u and probability of 1-q to add
a bit that is the complement of u. But u is by
assumption unbiased, hence the bit added is also
unbiased. (cf. xoring a sequence of uniform
distribution with one of arbitrary distribution
results in a uniform distribution.)

Could the above argument be o.k.? If yes, then the
scheme seems to have the advantage of simpler
implementation and higher efficiency than the
two-level von Neumann. (Would someone already having
the needed testing software and materials at hand
like to give it a trial?)

M. K. Shen
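
A trial of the kind asked for at the end of the message, as an added example (not code from the thread). It assumes 00 repeats the last emitted bit u and 11 emits its complement, with 01 -> 1 and 10 -> 0 as in the quoted table, and it measures two things on constructed biased input: the share of ones, and how often an output bit equals its predecessor. Under this model the second figure comes out at 1-p for input bias p, while the first stays near 1/2.

```python
import random

def biased_bits(n, p, rng):
    """Constructed test input: n independent bits with P(1) = p."""
    return [1 if rng.random() < p else 0 for _ in range(n)]

def von_neumann(bits):
    """Classic extractor: 01 -> 1, 10 -> 0 (column A of the quoted table); 00 and 11 are dropped."""
    return [b for a, b in zip(bits[0::2], bits[1::2]) if a != b]

def hold_toggle(bits, start=0):
    """Scheme from the message: every input pair yields one output bit.
    Assumed mapping (not spelled out in the message): 00 repeats the last
    emitted bit u, 11 emits its complement. `start` is a hypothetical initial u."""
    out, u = [], start
    for a, b in zip(bits[0::2], bits[1::2]):
        if a != b:
            u = b          # von Neumann case
        elif a == 1:
            u ^= 1         # 11: complement of u
        out.append(u)      # 00: u unchanged
    return out

def ones_rate(out):
    return sum(out) / len(out)

def repeat_rate(out):
    """Fraction of bits equal to their predecessor; 0.5 for independent unbiased bits."""
    return sum(x == y for x, y in zip(out, out[1:])) / (len(out) - 1)

def trial(p, n=400_000, seed=2003):
    """Run both extractors over the same constructed input; returns (ones, repeat, count) per scheme."""
    bits = biased_bits(n, p, random.Random(seed))
    schemes = (("von_neumann", von_neumann(bits)), ("hold_toggle", hold_toggle(bits)))
    return {name: (ones_rate(o), repeat_rate(o), len(o)) for name, o in schemes}

if __name__ == "__main__":
    for p in (0.5, 0.7, 0.9):
        for name, (ones, rep, n_out) in trial(p).items():
            print(f"p={p} {name:12s} out={n_out:6d} ones={ones:.3f} repeat={rep:.3f}")
```

The share of ones alone does not separate the two schemes; the repeat rate does, so a test suite applied to such output should include a serial-correlation or runs test.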