Re: Constructing PRNGs from hash functions

Thomas Dixon wrote:
This was relevant because I wish to construct a simple PRNG utilizing
a hash function as the PRF.
[...]
Define F as the hash function.
Define seed as F(seed_string).
Define || as concatenation.

s_0 = F(0 || seed || 0)
s_i = F(s_{i-1} || seed || i)

I not only wish to obtain opinions regarding the above, but I'm very
much interested in any resources or suggestions any of you have on such
schemes as a whole. Your contributions are very much appreciated.

This design looks reasonable to me.

Have you seen NIST SP 800-90? It might be useful.
.

Relevant Pages

  • Re: how to read the math in RFCs?
    ... not concatenation; ... > represents binary exclusive-OR. ... prf is a 2-place function. ... available (nor in a draft of IKEv2, though I only checked an old ...
    (sci.crypt)
  • Re: Making a weak Hash stronger until a fix comes along -- concatenation of hash functions... .2: Co
    ... >My use of concatenation was not totally clear. ... >I would never consider adding the strings of the 2 hashes together. ... Taking the hash and feeding it into another hash function doesn't ...
    (sci.crypt)
  • Re: Parsing error
    ... concatenation is a right pain. ... It's only Usenet, no one dies. ... My opinions, not the committee's, mine. ... Simple RFDs http://www.ckdog.co.uk/rfdmaker/ ...
    (comp.lang.php)
  • Re: Parsing error
    ... concatenation is a right pain. ... It's only Usenet, no one dies. ... My opinions, not the committee's, mine. ...
    (comp.lang.php)
  • Re: is an MD5 sum random
    ... I think the design goal of a hash function (that MD5 turned out to ... His a pseudorandom function (PRF). ... usual properties that we want hash functions to have. ...
    (sci.crypt)