Perry E. Metzger wrote:
> For making things like IP fragmentation ids and other similar protocol
> elements unpredictable, it would be useful to have what I'll call a
> cryptographic ergodic sequence generator -- that is, a generator that
> will produce a sequence of n bit numbers such that there are no
> repeats until you pass the 2^nth number in the sequence (that is, the
> sequence is a permutation of all 2^n bit numbers) and such that it is
> very difficult to predict what the next number in the sequence might
> be beyond the fact that it will not be one of the numbers seen earlier
> in the sequence. It is also rather important that the generator be
> computationally inexpensive.
>
> Anyone know how to produce such a thing?

How about Hasty Pudding Cipher on an n-bit block encrypting an n-bit counter? See http://www.cs.arizona.edu/~rcs/hpc/ .

If 'n' is too small, I suppose you'd run into attacks like the
blackjack 10-count, where you can get a little leverage if the
previous picks have been randomly overconcentrated.  For reasonable
n that shouldn't be a problem.
--
        Jim Gillogly
        Highday, 9 Halimath S.R. 2003, 00:00
        12.19.10.9.17, 7 Caban 5 Mol, Eighth Lord of Night
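The construction suggested above, as an added example that is not part of the thread and does not use the Hasty Pudding Cipher itself: a keyed n-bit permutation applied to an incrementing counter. Because a block cipher is a bijection on its block space, the outputs are a permutation of all 2^n values (no repeat until the counter wraps), and each next value is unpredictable without the key beyond "not one already seen". The n-bit cipher here is an assumed stand-in, a balanced Feistel network with an HMAC-SHA256 round function, chosen only so the example runs with the standard library; any secure n-bit block cipher (HPC included) plugs into the same slot. The `decrypt` method and `is_permutation` check exist to demonstrate the bijection property, not for production use.

```python
import hashlib
import hmac
from typing import Optional


class CounterPermutation:
    """Non-repeating, hard-to-predict n-bit sequence: E_k(counter).

    E_k is a balanced Feistel network over n bits (n even) whose round
    function is HMAC-SHA256 truncated to n/2 bits.  This is an assumed
    stand-in for a real n-bit block cipher such as HPC; the sequence
    logic is identical whichever cipher is used.
    """

    def __init__(self, key: bytes, n: int, rounds: int = 6) -> None:
        if n < 2 or n % 2:
            raise ValueError("this toy Feistel needs an even block size")
        self.key = key
        self.n = n
        self.half = n // 2
        self.mask = (1 << self.half) - 1
        self.rounds = rounds
        self.counter = 0  # next plaintext to encrypt

    def _round(self, i: int, x: int) -> int:
        # Keyed round function: HMAC over (round index, half-block), truncated.
        msg = i.to_bytes(2, "big") + x.to_bytes((self.half + 7) // 8, "big")
        digest = hmac.new(self.key, msg, hashlib.sha256).digest()
        return int.from_bytes(digest, "big") & self.mask

    def encrypt(self, v: int) -> int:
        l, r = v >> self.half, v & self.mask
        for i in range(self.rounds):
            l, r = r, l ^ self._round(i, r)
        return (l << self.half) | r

    def decrypt(self, v: int) -> int:
        # Inverse of encrypt: undo the rounds in reverse order.
        l, r = v >> self.half, v & self.mask
        for i in reversed(range(self.rounds)):
            l, r = r ^ self._round(i, l), l
        return (l << self.half) | r

    def next_id(self) -> Optional[int]:
        """Next value in the sequence, or None once all 2^n have been issued.

        Wrapping silently would start repeating the sequence, which is the
        failure mode a caller must handle (rekey before the counter wraps).
        """
        if self.counter >= (1 << self.n):
            return None
        out = self.encrypt(self.counter)
        self.counter += 1
        return out


def is_permutation(key: bytes, n: int) -> bool:
    """Exhaustively check that E_k maps the 2^n inputs onto 2^n distinct outputs."""
    gen = CounterPermutation(key, n)
    seen = set()
    while (v := gen.next_id()) is not None:
        seen.add(v)
    return len(seen) == (1 << n)


if __name__ == "__main__":
    key = b"constructed demo key, not a real secret"  # constructed sample key
    gen = CounterPermutation(key, 16)
    print("first ten 16-bit ids:", [gen.next_id() for _ in range(10)])
    print("12-bit cipher is a permutation:", is_permutation(key, 12))
```

For n = 16 the exhaustive check takes a few seconds because each output costs six HMACs; a real block cipher would be far cheaper, which is the "computationally inexpensive" requirement in the question. The `next_id` returning `None` at the wrap point is deliberate: once 2^n values are out, the only safe move is to change the key, since continuing would reissue the whole sequence in the same order.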


--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]