Re: Spritz
Ronald L. Rivest dixit:

> There is no spritz mailing list or the like (yet); I'll let you know
> if we create one. We plan to publish an updated paper on Spritz within
> the next couple of weeks on the IACR eprint site: http://eprint.iacr.org/

OK, thank you. I'll keep an eye out for this.

> The algorithm will be the same, but the analysis and discussion should
> be improved, over the version that is now posted on my web site...

Okay.

What did you think about this:

This could probably be improved by changing SHUFFLE to:

 1. local tmp1 = DRIP()
 2. local tmp2 = DRIP()
 3. local tmp3 = DRIP()
 4. WHIP(2*N + tmp1)
 5. tmp2 += DRIP()
 6. tmp3 += DRIP()
 7. CRUSH()
 8. WHIP(2*N + tmp2)
 9. tmp3 += DRIP()
10. CRUSH()
11. WHIP(2*N + tmp3)
12. a = 0

I think (intuition, not science; I've written down the idea basically as
soon as I had it) that it should reduce loss of entropy in the state,
which would benefit use of Spritz as RNG, and not harm use of it as hash
and stream cipher other than a slight speed reduction.

bye,
//mirabilos
-- 
I believe no one can invent an algorithm. One just happens to hit upon it
when God enlightens him. Or only God invents algorithms, we merely copy them.
If you don't believe in God, just consider God as Nature if you won't deny
existence.
	-- Coywolf Qi Hunt
Re: Spritz
Ronald L. Rivest dixit:

> I'm not sure why your proposed variation should produce reduced loss
> of entropy?

CRUSH always reduces by 128 bit, but by changing the number of WHIP calls
before a CRUSH, we shuffle things around a bit more. This matches the
random skips we currently use in arc4random.

> In any case, I don't think loss of entropy is a problem. The key space
> will be much much smaller than the state space,

Not if using this as RNG, postprocessing output from something with 8192
bit of internal state, and more-or-less continuously feeding input into
it. In this case, the "key" is much larger than the state.

bye,
//mirabilos
-- 
<igli> exceptions: a truly awful implementation of quite a nice idea.
<igli> just about the worst way you could do something like that, afaic.
<igli> it's like anti-design.
<mirabilos> that too… may I quote you on that?
<igli> sure, tho i doubt anyone will listen ;)
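The standard Spritz SHUFFLE beside the variant proposed in the first message above, written as an added example for this thread (not code from the mails or from the Spritz paper), following the paper's pseudocode for N = 256. One assumption: the DRIP() calls inside the variant SHUFFLE are taken as UPDATE + OUTPUT without DRIP's own "if a > 0 then SHUFFLE" guard, since that guard would re-enter SHUFFLE; the `basic_output` helper and the `variant` flag are names chosen here.

```python
N = 256  # Spritz state size; all index arithmetic is mod N
class Spritz:
    def __init__(self, variant=False):
        self.i = self.j = self.k = self.z = self.a = 0
        self.w, self.S, self.variant = 1, list(range(N)), variant
    def update(self):  # UPDATE from the Spritz paper
        S = self.S
        self.i = (self.i + self.w) % N
        self.j = (self.k + S[(self.j + S[self.i]) % N]) % N
        self.k = (self.i + self.k + S[self.j]) % N
        S[self.i], S[self.j] = S[self.j], S[self.i]
    def drip_raw(self):  # UPDATE + OUTPUT: DRIP without its "if a > 0: SHUFFLE" guard (assumption)
        self.update()
        self.z = self.S[(self.j + self.S[(self.i + self.S[(self.z + self.k) % N]) % N]) % N]
        return self.z
    def whip(self, r):
        for _ in range(r):
            self.update()
        self.w = (self.w + 2) % N  # "w += 1 until gcd(w, N) == 1": next odd w for N = 256
    def crush(self):
        for v in range(N // 2):
            if self.S[v] > self.S[N - 1 - v]:
                self.S[v], self.S[N - 1 - v] = self.S[N - 1 - v], self.S[v]
    def shuffle(self):
        if not self.variant:  # standard SHUFFLE: WHIP(2N) CRUSH WHIP(2N) CRUSH WHIP(2N)
            self.whip(2 * N); self.crush(); self.whip(2 * N); self.crush(); self.whip(2 * N)
        else:  # proposed variant: DRIP outputs stretch each WHIP by a state-dependent amount
            t1, t2, t3 = self.drip_raw(), self.drip_raw(), self.drip_raw()
            self.whip(2 * N + t1)
            t2 += self.drip_raw(); t3 += self.drip_raw()
            self.crush()
            self.whip(2 * N + t2)
            t3 += self.drip_raw()
            self.crush()
            self.whip(2 * N + t3)
        self.a = 0
    def absorb(self, data):  # ABSORB nibble by nibble; SHUFFLE once half the state is used
        for b in data:
            for x in (b & 0xF, b >> 4):
                if self.a == N // 2:
                    self.shuffle()
                self.S[self.a], self.S[N // 2 + x] = self.S[N // 2 + x], self.S[self.a]
                self.a += 1
    def squeeze(self, r):  # SQUEEZE r output bytes
        if self.a > 0:
            self.shuffle()
        return bytes(self.drip_raw() for _ in range(r))

def basic_output(key, r=8, variant=False):  # the paper's "basic output" setting
    sp = Spritz(variant); sp.absorb(key); return sp.squeeze(r)
```

With `variant=False` this reproduces the paper's basic-output test vector for the key "ABC" (77 9a 8e 01 f9 e9 cb c0); the variant changes only how long each WHIP runs before the next CRUSH, adding up to 765 state-dependent UPDATE rounds per SHUFFLE call.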