On 08.07.2015 at 17:33, Jeffrey Walton wrote:
>
> On Wednesday, July 8, 2015 at 7:31:20 AM UTC-4, Jeffrey Walton wrote:
>
> > Below is the implementation of RandomNumberGenerator::GenerateWord32 from cryptlib.h.
> >
> > I know fair shuffling routines can be tricky. Fisher-Yates has some non-obvious logic to avoid it, but I'm not sure about the interaction between GenerateBlock and Crop. See, for example, https://security.stackexchange.com/questions/68044/secure-shuffles-and-the-rand-function.
> >
> > QUESTION: Does it have a bias?
>
> It appears NO. I could not detect a statistical bias with the Chi-Squared test (looking for deviations from the uniform distribution).

The procedure should be secure. It was recommended to be done like this by Cryptography Engineering by Schneier, Ferguson and Kohno.

1. Let k be the smallest integer such that 2^k >= n
2. Use the PRNG to generate a k-bit random number K
3. If K >= n go to step 2
4. Output K

That's basically what we're doing. We choose a uniformly distributed 32-bit value. Next we "kill" the most significant bits we don't need (performing step 2). Next we check if it's out of range and if not we choose a new one until we find one in range. This one will be uniformly distributed (no transformations on the number, other than putting it in the "right" position). So we're safe with this implementation.

BR
JPM

> > I thought the count of elements in the range [a,b] is given by b - a + 1 (and not just b - a).
> >
> > QUESTION: does it provide all values in the range, inclusive.
>
> Yes.
>
> The library also handled the pathological case where a = b.
>
> Jeff
>
> --
> You received this message because you are subscribed to the "Crypto++ Users" Google Group.
> To unsubscribe, send an email to [email protected].
> More information about Crypto++ and this group is available at http://www.cryptopp.com.
> ---
> You received this message because you are subscribed to the Google Groups "Crypto++ Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].
> For more options, visit https://groups.google.com/d/optout.
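The four-step rejection-sampling procedure described in the reply, written out as an added example that is not code from the thread or from Crypto++ itself. It assumes a <= b, and uses std::mt19937 as a deterministic stand-in for the library's CSPRNG so that the histogram check runs offline.

```cpp
#include <cstdint>
#include <functional>
#include <random>
#include <vector>

// Source of uniformly distributed 32-bit words. The real library uses a
// CSPRNG; std::mt19937 is a deterministic stand-in so this runs offline.
using Word32Source = std::function<uint32_t()>;

// Step 1: smallest k with 2^k >= n, returned as a k-bit mask (n == 1 gives 0).
uint32_t MaskFor(uint32_t n) {
    uint32_t mask = 0;
    while (mask < n - 1) mask = (mask << 1) | 1;   // 1, 3, 7, ... until >= n-1
    return mask;
}

// Steps 2-4: draw a k-bit candidate, reject it if >= n, otherwise return it.
// Surviving values are uniform because no arithmetic reshapes the distribution.
uint32_t UniformBelow(uint32_t n, const Word32Source& gen) {
    const uint32_t mask = MaskFor(n);
    for (;;) {
        const uint32_t k = gen() & mask;   // "kill" the high bits we do not need
        if (k < n) return k;               // out of range: go back to step 2
    }
}

// Inclusive range [a, b]: b - a + 1 values, with the a == b case handled.
// Assumes a <= b (constructed example; not Crypto++'s own GenerateWord32).
uint32_t GenerateWord32(uint32_t a, uint32_t b, const Word32Source& gen) {
    if (a == b) return a;                          // single-value range
    if (a == 0 && b == UINT32_MAX) return gen();   // full range: nothing to mask
    return a + UniformBelow(b - a + 1, gen);
}

// Count how often each value of [a, b] is produced over `draws` samples; for a
// fair generator every bucket is non-empty and the counts are roughly equal.
std::vector<unsigned> Histogram(uint32_t a, uint32_t b, unsigned draws, uint32_t seed) {
    std::mt19937 engine(seed);
    Word32Source gen = [&engine]() { return static_cast<uint32_t>(engine()); };
    std::vector<unsigned> counts(b - a + 1, 0);
    for (unsigned i = 0; i < draws; ++i) counts[GenerateWord32(a, b, gen) - a]++;
    return counts;
}
```

A range such as [10, 16] has seven values, so with a biased reduction (32-bit word modulo 7) the low residues would be favoured; with the mask-and-reject loop the seven histogram buckets come out level.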
