The authors of the Mersenne Twister algorithm (which has a larger period than 
GB_FLIP by many orders of magnitude) have warned for a long time against 
directly using this kind of "random" number generator for encryption purposes (see 
http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/efaq.html).



________________________________
From: Raul Miller <[email protected]>
To: General forum <[email protected]>
Sent: Wed, February 24, 2010 10:09:48 AM
Subject: Re: [Jgeneral] GB_Flip RNG seed

On Wed, Feb 24, 2010 at 10:01 AM, Dan Bron <[email protected]> wrote:
> If we assume he also knows that I'm using GB_FLIP, then why not assume he 
> also has access to my initial seed and be done with it?

I imagine that learning that you are using J would
typically be easier than getting physical access to
your computer.

> But sure, in the interest of learning how this stuff works, let's assume he 
> can sample as you described earlier, and also knows I'm
> using the GB_FLIP algorithm.  How would he go about predicting future 
> generated numbers?

A simple approach would be a "dictionary attack":

Generate some seeds, generate some numbers, and when you
find potential sequence matches go back to those seeds and see
if those sequences retain their predictive power.  This becomes easier
if the attacker can get a backup copy of your program (let
us imagine an ex-employee being the attacker -- how many outfits
do you know of that re-architect their systems every time an
employee leaves?).

A more advanced approach would use statistical methods
and would take advantage of statistical features of the
sequence.

-- 
Raul
----------------------------------------------------------------------
For information about J forums see http://www.jsoftware.com/forums.htm