need good RNG
Re: PGP simulators
While Blum-Blum-Shub is probably the cool way to go, RSAREF uses repeated iterations of MD5 to generate its pseudo-randoms, which can be reasonably secure and use code you've probably already got hooks from perl for.
There is a problem with generating random numbers by repeated iterations of a hash function when these numbers will be used to simulate an encrypted message body. The body can be seen to be generated by the algorithm. All you do is to apply MD5 to the first block and see if it's equal to the second block. This completely identifies the message as a hash-chain generation, and thus as a fake message. Indistinguishability is a harder criterion to simulate than other notions of randomness.

Eric
hughes@ah.com (Eric Hughes) wrote:
> There is a problem with generating random numbers by repeated iterations of a hash function when these numbers will be used to simulate an encrypted message body. The body can be seen to be generated by the algorithm. All you do is to apply MD5 to the first block and see if it's equal to the second block. This completely identifies the message as a hash-chain generation, and thus as a fake message.
> Indistinguishability is a harder criterion to simulate than other notions of randomness.
Try XORing the output with a secret value between MD5 hashes.
> There is a problem with generating random numbers by repeated iterations of a hash function when these numbers will be used to simulate an encrypted message body.
> Try XORing the output with a secret value between MD5 hashes.
That'll work. Take the seed as the secret value, and take the first hash as the first block.

Eric
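The two constructions argued over in this thread, as an added example that is not from any of the posters and is not RSAREF's code: a plain MD5 hash chain (block[i+1] = MD5(block[i])), Eric's one-line distinguisher that hashes the first block and compares it with the second, and the keyed variant from the last two messages (XOR the seed into each block before rehashing, first hash as first block). The function names, the 16-byte secret length and the sample seeds are assumptions made here.

```python
import hashlib
import os

BLOCK = hashlib.md5().digest_size  # MD5 emits 16-byte blocks


def hash_chain(seed: bytes, nblocks: int) -> bytes:
    """Naive generator from the thread: each block is the MD5 of the previous one.
    (Assumed reading of 'repeated iterations of MD5'; not RSAREF's actual code.)"""
    out = []
    block = hashlib.md5(seed).digest()
    for _ in range(nblocks):
        out.append(block)
        block = hashlib.md5(block).digest()
    return b"".join(out)


def keyed_chain(secret: bytes, nblocks: int) -> bytes:
    """Ghio/Hughes variant: the seed doubles as the secret, the first MD5 output is
    the first block, and the secret is XORed into each block before it is rehashed.
    A 16-byte secret is assumed so it lines up with one MD5 block."""
    if len(secret) != BLOCK:
        raise ValueError("secret must be exactly one MD5 block (16 bytes)")
    out = []
    block = hashlib.md5(secret).digest()
    for _ in range(nblocks):
        out.append(block)
        mixed = bytes(a ^ b for a, b in zip(block, secret))
        block = hashlib.md5(mixed).digest()
    return b"".join(out)


def looks_like_hash_chain(body: bytes) -> bool:
    """Eric's test: apply MD5 to the first block and see if it equals the second.
    True means the body is certainly a hash-chain fake; a real ciphertext or a
    keyed chain matches only with probability about 2**-128."""
    if len(body) < 2 * BLOCK:
        return False
    first, second = body[:BLOCK], body[BLOCK:2 * BLOCK]
    return hashlib.md5(first).digest() == second


def is_keyed_chain(body: bytes, secret: bytes) -> bool:
    """With the secret in hand the keyed chain is still checkable, which is the
    point: only the holder of the seed can tell the simulated body apart."""
    if len(body) < 2 * BLOCK or len(secret) != BLOCK:
        return False
    first, second = body[:BLOCK], body[BLOCK:2 * BLOCK]
    mixed = bytes(a ^ b for a, b in zip(first, secret))
    return hashlib.md5(mixed).digest() == second


if __name__ == "__main__":
    secret = os.urandom(BLOCK)                    # constructed sample seed
    print(looks_like_hash_chain(hash_chain(b"seed", 4)))    # True: fake detected
    print(looks_like_hash_chain(keyed_chain(secret, 4)))    # False: not detectable
    print(is_keyed_chain(keyed_chain(secret, 4), secret))   # True: owner can verify
```

The distinguisher needs no key, no statistics and only two blocks of output, which is why "passes randomness tests" is the wrong bar here; once the secret is mixed in between hashes, an observer without it is back to guessing.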
participants (3): hughes@ah.com, Matthew J Ghio, wcs@anchor.ho.att.com