Re: New Random Number Generator for encryption



On Aug 12, 2:12 am, "Joseph Ashwood" <ashw...@xxxxxxx> wrote:
"Mok-Kong Shen" <mok-kong.s...@xxxxxxxxxxx> wrote in message

news:i3tkjq$ofn$03$1@xxxxxxxxxxxxxxxxxxxx

Joseph Ashwood wrote:

........ It is extremely weak against differential
attacks.

A question quite OT: Could you give a pointer to a good
(easy to understand) paper on differential attacks on PRNGs?

I don't know of any convenient reference. I actually modeled it as a 1-bit
block cipher in CTR mode. I used the internal counter (i.e. the label for
the particles and a loop count) as the plaintext, the PRNG output is the
ciphertext, from there it is a fairly standard block cipher differential
attack. It works easily in this case because there is a known counter
involved, from past the counter is only a single round.
                    Joe

I researched this attack just now and got interesting results. In
short, this attack is not successful, even if the counter is known. You
only need not to select an odd cube dimension. I will explain it in an
update to the RNG article.
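The modelling Joseph Ashwood describes in the quoted message, a 1-bit generator treated as a block cipher in CTR mode with the counter as known plaintext, can be turned into a simple self-check that a generator's designer would run before publishing: pick counter pairs that differ in a chosen bit, and measure how often the two output bits differ. The example below is added here and is not code from the thread, from the RNG article under discussion, or from either poster; `weak_bit` is a constructed one-round toy in which only three bits of the keyed counter reach the output, `strong_bit` is a stand-in reference built from one bit of SHA-256 over key and counter, and the key value is a constructed sample.

```python
"""Differential self-test for a 1-bit generator driven by a known counter.

Constructed illustration (not the generator discussed in the thread):
weak_bit is a made-up single-round 1-bit "block cipher" over the counter;
strong_bit stands in for a many-round design, using one bit of
SHA-256(key || counter) in the manner of CTR mode.
"""
import hashlib

KEY = 0x5A3C96F1  # constructed sample key, not taken from the thread


def weak_bit(key: int, counter: int) -> int:
    """Toy one-round generator: only three bits of (counter XOR key) reach the output."""
    x = counter ^ key
    b0, b1, b2 = x & 1, (x >> 1) & 1, (x >> 2) & 1
    return (b0 & b1) ^ b2


def strong_bit(key: int, counter: int) -> int:
    """Reference generator: low bit of SHA-256 over key || counter."""
    data = key.to_bytes(4, "big") + counter.to_bytes(8, "big")
    return hashlib.sha256(data).digest()[0] & 1


def differential_probability(gen, key: int, delta: int, trials: int = 4096) -> float:
    """Fraction of counter pairs (c, c XOR delta) whose output bits differ.

    With a known counter the attacker controls the plaintext difference, so
    this is exactly the quantity a block-cipher differential attack measures.
    A sound generator gives about 0.5 for every delta; a value pinned near
    0 or 1 is a differential characteristic holding with probability ~1.
    """
    flips = sum(gen(key, c) != gen(key, c ^ delta) for c in range(trials))
    return flips / trials


def strongest_single_bit_differential(gen, key: int, nbits: int = 8,
                                      trials: int = 4096):
    """Scan single-bit counter differences; return (delta, |p - 0.5|) of the worst one."""
    worst = (None, 0.0)
    for i in range(nbits):
        delta = 1 << i
        p = differential_probability(gen, key, delta, trials)
        bias = abs(p - 0.5)
        if bias > worst[1]:
            worst = (delta, bias)
    return worst


if __name__ == "__main__":
    for name, gen in (("weak", weak_bit), ("strong", strong_bit)):
        delta, bias = strongest_single_bit_differential(gen, KEY)
        print(f"{name}: worst single-bit delta={delta} bias={bias:.3f}")
```

Running the scan shows the point of the quoted message: for the one-round toy, a counter difference in bit 2 flips the output every time and a difference in bit 3 never does, so the worst-case bias is the maximum 0.5, while the hash-based reference stays within sampling noise of 0.5 for every delta. A designer publishing a counter-driven generator should expect an evaluator to run this kind of test over many counter differences, not only single-bit ones.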