Does anyone here know the approximate ammount of output from a BBS PRNG needed to predict with some certainty the next bit or bits? - is the generator totally secure, ie. do you need to factor to predict or is there an attack using the output? Datacomms Technologies web authoring and data security Paul Bradley, Paul@fatmans.demon.co.uk Paul@crypto.uk.eu.org, Paul@cryptography.uk.eu.org Http://www.cryptography.home.ml.org/ Email for PGP public key, ID: 5BBFAEB1 "Don`t forget to mount a scratch monkey"
paul@fatmans.demon.co.uk writes:
Does anyone here know the approximate ammount of output from a BBS PRNG needed to predict with some certainty the next bit or bits? - is the generator totally secure, ie. do you need to factor to predict or is there an attack using the output?
The whole point of a BBS generator is that you have to factor in order to predict -- I'm sure that Schneier has a discussion on this. Perry
participants (2)
-
paul@fatmans.demon.co.uk -
Perry E. Metzger