Re: Weakness of Feistel ciphers
- From: daw@xxxxxxxxxxxxxxxxxxxxxxxx (David Wagner)
- Date: Thu, 20 Apr 2006 08:36:53 +0000 (UTC)
Kim G. S. Øyhus wrote:
> Sure, it is weak, and it does not need to be strong in my application,[...]
> which is similar to random number generation.
> Anyway, I must use a cryptographic PRNG, since it must be invertible.
Hmm. I'm lost. How do I reconcile the above two statements?
If you don't need your generator to be cryptographically strong,
then just use a Mersenne Twister or something, as others have suggested.
If you do need your generator to be cryptographically strong, then
you could just use any existing cryptographically strong pseudorandom
generator (e.g., AES in counter mode). I would not recommend trying
to design your own pseudorandom generator, as it is easy to go wrong
and hard to come up with something better than current standards.
Note: By asking on sci.crypt, most people will implicitly assume that
you are looking for something that is cryptographically strong, unless
you state explicitly otherwise. sci.crypt is primarily focused on
discussions of cryptography and related topics.