Re: example primes for blum-blum-shub



marcomaggi wrote:
On Jul 17, 1:25 pm, rossum <rossu...@xxxxxxxxxxxx> wrote:
On Fri, 17 Jul 2009 20:54:22 +1000, David Eather <eat...@xxxxxxxxxx>
wrote:

as I understood the request, he just wanted a set of numbers to compare
his application with, he was not looking for cryptographic strength.
I was approaching from the point of view of users of the library. BBS
is slow when used as a non-crypto PRNG so any user is more likely to
be interested in it for cryptographic purposes. Any such user who
just used the provided numbers (I got the impression he was going to
put the two numbers into the documentation) would be making an even
bigger mistake.

Their mistake is not my business, no? What I am doing is writing a
library of PRNGs (source included, so users can check it), and documenting
it with references to papers and a brief introduction for newbies. The
purpose of including an example of numbers suitable for an attack model
aimed at personal data, is to tell crypto-newbie users: "See? You have to
be able to handle a search for numbers this big, with requirements of such
complexity." With this I fulfilled my duty of intellectual honesty.

Newbie does not mean stupid (I am a crypto-newbie, but I do not
use "password" as password). I browsed the Net looking for example
numbers exactly to understand what level of competence is needed.
Is it too much for me? Fine. Now I know. Am I allowed to make it
easier for users to understand it? I say yes, and it is what I am
trying to do.

Nevertheless, once the numbers are available, the BBS algorithm
is not difficult to implement, so I do not see why I have to avoid it
in my library (which is only a library of PRNGs, I have never written
that it was a crypto library).

That said, bugs happen and they are fixed. I ported some
existing code for my library, and I reverse engineered it to
see if it was correct; when I was not sure, I asked experts for
advice. I did it, and people can do it for my code, too.

I am just writing a tool, I do not understand the attitude
"You have to save people from their ignorance."

Go to a hardware store and see how many tools have safety guards on them specifically to "save people from their ignorance".



--
Marco Maggi