Re: C code of PEARL1, a block encryption algorithm emphasising simplicity
 From: Kristian Gjøsteen <kristiag+news@xxxxxxxxxxxx>
 Date: Fri, 20 Aug 2010 20:08:28 +0000 (UTC)
Tran Ngoc Duong <tranngocduong@xxxxxxxxx> wrote:
"Maaartin" <grajcar1@xxxxxxxxx> wrote in message
What about the following PRNG repeating these steps:
 Generate x using a secure PRNG.
 Generate y using a trivial PRNG.
 Output 2*x+y where the computation gets performed in GF.
 Output x+2*y where the computation gets performed in GF.
Instead of (x, y) > (2*x+y, x+2*y) you can take any other MDS
function.
Given all outputs you can invert the output transform and get to the
values generated by the trivial PRNG. Given only each second output
you can do nothing at all.
I think, it is a semisecure PRNG according to you definition. I don't
think, semisecure PRNGs occur in reality.
Yes. I think it could be considered semisecure. I don't think it is
practically usable since it is constructed from a secure PRNG. If I have
a truly secure PRNG, I would surely find a better way to use it. No MDSs
or other such jokes.
NIST's DualEC DRBG was more or less like this. They generate a sequence
of points on an elliptic curve that really look random, then convert
the xcoordinates into bit strings. Unfortunately, that conversion
was defective. The end result is output that can be distinguished
from random bit strings, but decimating the output slightly results in
randomlooking output.
In other words, a real, honestly designed PRNG that is semisecure and
where decimation improves things.

kg
.
 References:
 [long] C code of PEARL1, a block encryption algorithm emphasising simplicity
 From: MokKong Shen
 Re: C code of PEARL1, a block encryption algorithm emphasising simplicity
 From: Tran Ngoc Duong
 Re: C code of PEARL1, a block encryption algorithm emphasising simplicity
 From: Maaartin
 Re: C code of PEARL1, a block encryption algorithm emphasising simplicity
 From: Tran Ngoc Duong
 [long] C code of PEARL1, a block encryption algorithm emphasising simplicity
 Prev by Date: Re: C code of PEARL1, a block encryption algorithm emphasising simplicity
 Next by Date: Re: C code of PEARL1, a block encryption algorithm emphasising simplicity
 Previous by thread: Re: C code of PEARL1, a block encryption algorithm emphasising simplicity
 Next by thread: Re: C code of PEARL1, a block encryption algorithm emphasising simplicity
 Index(es):
Relevant Pages
