rng, anyone?

Matthew J Ghio mg5n+ at andrew.cmu.edu
Sun Apr 17 11:31:37 PDT 1994


hughes at ah.com (Eric Hughes) wrote:

> There is a problem with generating random numbers by repeated
> iterations of a hash function when these numbers will be used to
> simulate an encrypted message body.  The body can be seen to be
> generated by the algorithm.  All you do is to apply MD5 to the first
> block and see if it's equal to the second block.  This completely
> identifies the message as a hash-chain generation, and thus as a fake
> message.
> 
> Indistinguishability is a harder criterion to simulate than other
> notions of randomness.

Try xoring the output with a secret value between MD5 hashes.
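The exchange above, worked through in code as an added example (this is not code from the original post or from the list archive). `hash_chain` builds the naive body Eric Hughes describes, `looks_like_hash_chain` is his one-line distinguisher, and `keyed_chain` applies Matthew Ghio's fix of XORing a secret into the state between MD5 calls. The seed and secret are constructed sample values; the function names are my own.

```python
import hashlib

BLOCK = 16  # MD5 digest length in bytes; each output block is one digest


def hash_chain(seed: bytes, n_blocks: int) -> bytes:
    """Naive hash-chain body: block[i+1] = MD5(block[i])."""
    out = []
    state = hashlib.md5(seed).digest()
    for _ in range(n_blocks):
        out.append(state)
        state = hashlib.md5(state).digest()
    return b"".join(out)


def keyed_chain(seed: bytes, secret: bytes, n_blocks: int) -> bytes:
    """Ghio's variant: XOR a secret into the state before each MD5 call,
    so block[i+1] = MD5(block[i] XOR secret)."""
    if len(secret) != BLOCK:
        raise ValueError("secret must be one MD5 block (16 bytes) long")
    out = []
    state = hashlib.md5(seed).digest()
    for _ in range(n_blocks):
        out.append(state)
        mixed = bytes(a ^ b for a, b in zip(state, secret))
        state = hashlib.md5(mixed).digest()
    return b"".join(out)


def looks_like_hash_chain(body: bytes) -> bool:
    """Hughes's distinguisher: does MD5(block[0]) equal block[1]?
    A genuine ciphertext matches only with negligible probability."""
    if len(body) < 2 * BLOCK:
        return False
    return hashlib.md5(body[:BLOCK]).digest() == body[BLOCK:2 * BLOCK]


def looks_like_keyed_chain(body: bytes, secret: bytes) -> bool:
    """The same check for a keyed chain. It only works for someone who
    holds the secret, which is the whole point of the XOR step."""
    if len(body) < 2 * BLOCK or len(secret) != BLOCK:
        return False
    mixed = bytes(a ^ b for a, b in zip(body[:BLOCK], secret))
    return hashlib.md5(mixed).digest() == body[BLOCK:2 * BLOCK]


if __name__ == "__main__":
    # Constructed sample inputs, not values from the original post.
    seed = b"constructed-seed"
    secret = bytes(range(BLOCK))
    naive = hash_chain(seed, 4)
    keyed = keyed_chain(seed, secret, 4)
    print("naive chain detected: ", looks_like_hash_chain(naive))       # True
    print("keyed chain detected: ", looks_like_hash_chain(keyed))       # False
    print("keyed chain, with secret:", looks_like_keyed_chain(keyed, secret))  # True
```

The XOR step defeats the specific check in the post, and nothing more: every output block is the raw chain state, so anyone who learns the secret can verify the whole body, and the scheme offers no argument for indistinguishability against an observer who cannot see the secret beyond "the check no longer passes".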






More information about the cypherpunks-legacy mailing list