Re: Decimation
- From: "Cristiano" <cristiano.pi@xxxxxxxxxx>
- Date: Wed, 23 Dec 2009 11:47:28 +0100
Greg Rose wrote:
> In article <4b30b227@xxxxxxxxxxxxxxxxx>,
> Cristiano <cristiano.pi@xxxxxxxxxx> wrote:
>> Joseph Ashwood wrote:
>>> [...] Although it does increase the difficulty, it does not
>>> change an insecure PRNG to a cryptographically secure PRNG.
>> If you decimate the output of a LFSR (which is "an insecure PRNG")
>> you get a cryptographically secure PRNG (self-shrinking LFSR).
> No you don't. There are attacks against the SSG.

There are attacks against many ciphers, but it doesn't mean that they are
not cryptographically secure.
Here:
http://en.wikipedia.org/wiki/Self-shrinking_generator#Cryptanalysis
I read that there is an attack against the SSG which requires 2^(0.7*L)
steps. If you take, say, L=256 or longer, the time needed to break that SSG
will be very big. I would call that SSG a cryptographically secure PRNG.
Cristiano
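
The construction discussed in this message, as an added example that is not part of the original post: a Fibonacci LFSR whose output is decimated by the self-shrinking rule (read bits in pairs, keep the second bit only when the first is 1). The 16-bit register, its taps and the seed are assumptions chosen so the run finishes quickly; the thread's L=256 would use a much longer register.

```python
from itertools import islice

# Assumed demo parameters (not from the thread): the 16-bit textbook LFSR
# x^16 + x^14 + x^13 + x^11 + 1, far too short for real use.
L = 16
TAPS = (0, 2, 3, 5)   # right-shift offsets of the feedback taps
SEED = 0xACE1         # any non-zero state works


def lfsr_bits(state, taps=TAPS, length=L):
    """Yield the raw output bits of a Fibonacci LFSR (the 'insecure PRNG')."""
    while True:
        yield state & 1
        fb = 0
        for t in taps:
            fb ^= (state >> t) & 1
        state = (state >> 1) | (fb << (length - 1))


def self_shrink(bits):
    """Decimate: read bits in pairs (a, b); emit b only when a == 1."""
    it = iter(bits)
    for a, b in zip(it, it):
        if a:
            yield b


def ssg_stats(pairs, seed=SEED):
    """Run the SSG over `pairs` input pairs; return (outputs, ones)."""
    raw = islice(lfsr_bits(seed), 2 * pairs)
    out = list(self_shrink(raw))
    return len(out), sum(out)


def attack_exponent(length, factor=0.7):
    """log2 of the attack cost quoted in the post: 2^(0.7*L) steps."""
    return factor * length


if __name__ == "__main__":
    period = 2 ** L - 1
    n_out, ones = ssg_stats(period)
    print(f"{2 * period} LFSR bits -> {n_out} keystream bits ({ones} ones)")
    print(f"quoted attack cost for L=256: 2^{attack_exponent(256):.1f} steps")
```

Over one full cycle of input pairs the generator keeps one output bit for every pair whose first bit is 1, so the keystream rate is roughly a quarter of the LFSR's raw bit rate.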