Re: RC4 as a PRNG
From: Bill Unruh (unruh_at_string.physics.ubc.ca)
Date: 11/13/04
- Next message: Frank Gerlach: "Random Numbers from Clock Jitter"
- Previous message: Frank Gerlach: "RC4 as a PRNG"
- In reply to: Frank Gerlach: "RC4 as a PRNG"
- Next in thread: Gregory G Rose: "Re: RC4 as a PRNG"
- Reply: Gregory G Rose: "Re: RC4 as a PRNG"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 13 Nov 2004 18:26:42 GMT
frankgerlach22@gmx.de (Frank Gerlach) writes:
]If I recall correctly, RC4 is used for WLAN encryption (WEP). For very
]long ciphertexts, it exposes a statistical weakness. Wouldn't this
]mean that RC4 is not a good choice as a PRNG ?
For what purpose? The question is whether that statistical weakness can be
used as an attack on the PRNG. That, say, some byte shows up with .0001% more
frequency than others is in general pretty useless for any purpose, except
saying that that byte shows up more frequently with .0001% more frequency.
Would it be nice to have a super fast scheme without this weakness? Yes.
However we know that ANY stream cypher has statistical weaknesses. It is a
very very low entropy stream (it is generated by a small key) which is to
say, it has (high order) correlations. Very Very Very strong high order
correlations. Of course finding them and using them is the trick.
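An added example, not part of the thread, that makes the kind of statistical weakness under discussion concrete: RC4 written out from its public description, plus a count of how often the second keystream byte is zero across random keys, which is known to happen at roughly twice the uniform 1/256 rate. The 16-byte key length, trial count and RNG seed are arbitrary choices made here.

```python
"""Measure one well-known RC4 keystream bias empirically (added example)."""
import random
from typing import Iterator


def rc4_keystream(key: bytes) -> Iterator[int]:
    """Yield RC4 keystream bytes for `key`: KSA first, then the PRGA loop."""
    s = list(range(256))
    j = 0
    for i in range(256):                       # key-scheduling algorithm
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    while True:                                # pseudo-random generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        yield s[(s[i] + s[j]) & 0xFF]


def zero_rate_at_position(position: int, trials: int, seed: int = 1) -> float:
    """Fraction of random-key keystreams whose byte at `position` (0-based) is 0.

    An ideal PRNG gives 1/256 at every position. RC4's second output byte
    (position 1) is zero about twice that often, which is the kind of
    "byte shows up more frequently" bias the thread is talking about.
    """
    rng = random.Random(seed)                  # fixed seed: reproducible, arbitrary
    zeros = 0
    for _ in range(trials):
        key = bytes(rng.getrandbits(8) for _ in range(16))   # constructed keys
        ks = rc4_keystream(key)
        for _ in range(position):              # discard leading bytes
            next(ks)
        if next(ks) == 0:
            zeros += 1
    return zeros / trials


if __name__ == "__main__":
    rate = zero_rate_at_position(1, 20000)
    print(f"P(second byte == 0) ~ {rate:.5f}, uniform expectation {1/256:.5f}, "
          f"ratio to uniform {rate * 256:.2f}")
```

The ratio printed is around 2, and a deeper pass over the PRGA (different positions, digraphs) is how such biases are catalogued in practice.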