Newsgroups: sci.crypt
Path: sparky!uunet!sun-barr!sh.wide!wnoc-tyo-news!nec-tyo!nec-gw!sgiblab!zaphod.mps.ohio-state.edu!sample.eng.ohio-state.edu!columbia!butzerd
From: butzerd@columbia.eng.ohio-state.edu (Dane C. Butzer)
Subject: pseudo one time pad...
Message-ID: <1992Nov11.173642.29608@ee.eng.ohio-state.edu>
Sender: news@ee.eng.ohio-state.edu
Organization: The Ohio State University Dept of Electrical Engineering
Date: Wed, 11 Nov 1992 17:36:42 GMT
Lines: 44

In the FAQ (Thanks to Larry Loen for this... it is informative...), the
following is stated about pseudo one time pads:

There are a variety of cipher systems which generate "pseudo
one time pad" streams of cipher key, but all have the same
theoretical vulnerability; any algorithmic process introduces
relationships between some old key bit(s) and the new key bit
and so permits cryptanalysis. "Random number generators" are
frequently dreamed up by newcomers as a "pseudo one time pad",
but they are notoriously vulnerable to analysis, all
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
independent of whether the pseudo-random stream satisfies
randomness tests or not.

My question is, why? Now before I get roasted & told to "read the
literature..." and "you're an idiot...", I have read the literature. I've
also spent a considerable amount of time working with/analysing pseudo
random number generators (PRNGs). It seems to me that, if your source is
sufficiently random (i.e. NOT some type of feedback shift register or linear
recurrence equation, but something random in a cryptographic as well as a
statistical sense), and you follow the one time rule (i.e. only use any key
ONCE - never encrypt 2 files with the same key), this should be pretty
secure. For example, would the following be "vulnerable to analysis"?

1) DES a file of ASCII 0's (of the same length as the plain text) with
some key - this gives you a pseudo-random bit stream.

2) XOR this with the plain text ---> cipher text.

This is a pseudo one time pad that I don't think would be "easy" to break.
Now, how about substituting some other type of PRNG for DES? If it's
non-predictive (can't determine numbers in the stream from other numbers)
and statistically random, wouldn't it work? Is the real problem coming up
with a "good" enough PRNG?

Thanks for the help...

Dane Butzer

-------------------------------------------------------------------------------
HappY HappY JOY JOY !!! | Long disclaimer does not follow. Press n to skip
- Ren & Stimpy | anyways... butzerd@ee.eng.ohio-state.edu
-------------------------------------------------------------------------------
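The construction in the post leaves one thing unstated, the block-cipher mode, and that is where the FAQ's point bites. Added example (not from the post or from any tool it mentions): a toy keyed permutation stands in for DES, an assumption made so the script runs offline; the keystream behaviour shown depends only on the mode, not on the cipher.

```python
# Added example: a toy permutation stands in for DES (assumption; see lead-in).
import hashlib
from typing import Optional

BLOCK = 8  # 64-bit blocks, as in DES

def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in for DES so the script runs offline: a 4-round Feistel permutation
    of 8-byte blocks with a SHA-256 round function. Not DES and not a real cipher."""
    l, r = block[:4], block[4:]
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd]) + r).digest()[:4]
        l, r = r, bytes(a ^ b for a, b in zip(l, f))
    return l + r

def keystream_ecb(key: bytes, n: int) -> bytes:
    """'DES a file of zeros' taken literally in ECB mode: every all-zero block
    encrypts to the same 8 bytes, so the keystream repeats with period 8."""
    out = b""
    while len(out) < n:
        out += toy_block_encrypt(key, bytes(BLOCK))
    return out[:n]

def keystream_ofb(key: bytes, iv: bytes, n: int) -> bytes:
    """Output-feedback keystream (also what CBC-encrypting a file of zeros gives):
    each block is the encryption of the previous output, so no short period."""
    state, out = iv, b""
    while len(out) < n:
        state = toy_block_encrypt(key, state)
        out += state
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def period(ks: bytes) -> Optional[int]:
    """Smallest p <= len(ks)//2 with ks[i] == ks[i+p] for every i, else None."""
    for p in range(1, len(ks) // 2 + 1):
        if all(ks[i] == ks[i + p] for i in range(len(ks) - p)):
            return p
    return None

def block_xor_leak(pt: bytes, ks: bytes) -> bool:
    """True when ct[0:8] XOR ct[8:16] equals pt[0:8] XOR pt[8:16]: a periodic
    keystream lets ciphertext alone expose a relation between plaintext blocks."""
    ct = xor(pt, ks)
    return xor(ct[:BLOCK], ct[BLOCK:2 * BLOCK]) == xor(pt[:BLOCK], pt[BLOCK:2 * BLOCK])
```

Taken literally in ECB mode, a file of zeros gives a keystream that repeats every 8 bytes, so XORing it with the plaintext is a repeating-key XOR rather than a one time pad; chaining the blocks (OFB, or CBC of the zero file) removes that period, which is the part of the recipe the post's step 1 has to get right.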