Re: Random number generation

From: Tom St Denis (tomstdenis_at_iahu.ca)
Date: 06/27/03

• Next message: AE: "Re: Stream cipher against block cipher"
• Previous message: Fab: "Surviving Einstein."
• In reply to: Douglas Wikström: "Re: Random number generation"
• Next in thread: William Whyte: "Re: Random number generation"
• Reply: William Whyte: "Re: Random number generation"
• Reply: clem: "Re: Random number generation"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 27 Jun 2003 16:44:59 GMT

Douglas Wikström wrote:
>>>I am just curious :-). Is there a rigorous security analysis of this
>>>construction.
>>
>>It's CTR mode. You're new here right?
>
>
> You are right, I misread the Simons post (my appologies to Simon :-). No
> Tom. It has been a while though. You have not changed.

What you mean my attitude? Go <expletive deleted> yourself you lame
<expletive deleted> piece of donkey <expletive deleted> mother
<expletive deleted> <expletive deleted> of donkey <expletive deleted>.

>>Essentially CTR mode is as secure as the underlying cipher is to known
>>and chosen plaintext attacks.
>
>
> What you are saying is not true in general. There are pathological
> counter examples. You need other properties from the underlying system.

Actually what I am saying is perfectly true and the prove is trivial.

If you can distinguish CTR mode from random with L ct/pt pairs then you
can break the cipher with L ct/pt pairs. Therefore if the cipher is
secure to N ct/pt pairs then CTR is secure to N ct/pt pairs.

If you mean "ooh ooh bitflip attack" then pay the <expletive deleted>
attention to the numerous <expletive deleted>'ing people who <expletive
deleted>'ing suggest to <expletive deleted>'ing use a <expletive
deleted>'ing MAC!

Tom

--
LTC: http://libtomcrypt.org
LTM: http://math.libtomcrypt.org
The Book: http://book.libtomcrypt.org

• Next message: AE: "Re: Stream cipher against block cipher"
• Previous message: Fab: "Surviving Einstein."
• In reply to: Douglas Wikström: "Re: Random number generation"
• Next in thread: William Whyte: "Re: Random number generation"
• Reply: William Whyte: "Re: Random number generation"
• Reply: clem: "Re: Random number generation"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: An idea against convention ... CTR mode is agnostic to your character ... >> encoding. ... This is ONLY meant for CTR mode. ... Tom ... (sci.crypt) Re: A basic cryptanalysis question ... >>So provided your message length is a multiple of the block size I don't ... I'd use CTR mode in the first place. ... Nyah nyah! ... Tom ... (sci.crypt) Re: Testing DES, 3DES and AES ... > Any particular reason you support all those bit resolutions for ... > CFB/OFB? ... Personally I'd say just go with CTR mode unless you're going ... Hi Tom, ... (sci.crypt) Re: Data Compression Before or After Encryption ? ... that's not CTR mode. ... I don't think it would be insecure but ... Oh yeah, right. ... Listen to Tom. ... (sci.crypt)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint