chongo@nsc.UUCP (Landon Noll) (12/02/83)
a previous article on random number generators was well on target. i will present the random(3) generator as a way around some of the problems noted with rand(3).

>the problem of finding a "very good" generator becomes very difficult.

in 4.1C BSD (and i guess 4.2BSD) there is what seems to be a much improved random number generator called random(3). although i have not experimented with random(3) directly, i do know that the method they claim to use is VERY good and yields VERY long highly random sequences. i believe that this generator is a "very good" generator.

>Ignoring the fact that the low order bits of rand() are very orderly
>(the first bit flips alternately on and off!):
>2. rand() is a LINEAR function. If F(x) is a linear function, then
>F(11010) = F(10000) + F(01000) + F(00010), which means you can break
>the code "one bit at a time" and combine the results.

this method uses a non-linear additive feedback random number generator. random(3) low order bits are quite random (unlike rand()), thus random()&1 yields a random binary value.

>1. If you know at least one word of plaintext, plaintext[i], you can
>find rand()[i], and thus know the entire sequence.

now for the bad news: this is true for all PURE random number encryption systems, i.e., they are not public key. one way to help overcome this problem is to use a non-pure two random number method as follows:

- start two random number sequences with two different seeds. these two seeds are your master key. generate a few random values to unlink your master key from the first values as well as reasonable. then for each 64 bits generate the cyphertext by:

    1) use the next value from sequence 1 as a key for the DES. (use setkey())
    2) encrypt your plaintext using the DES. (use encrypt())
    3) xor the result of step 2 with the next value from sequence 2.

you can use something other than the DES, but be careful that you don't yield a composite function in step 2 which allows an easy jump from plaintext to the cyphertext of step 3.

might ask why use random numbers at all when you are using the DES? well i trust the NSA less than the NSA trusts everyone else... :-)

chongo <01101 10110? 1011 010 011. 01101 10111 001! :-)> /\../\

p.s. non-flame comments by mail are invited.
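
Added example, not part of the original post: a C check of the two rand() problems quoted above, the alternating low-order bit and the recovery of a pure keystream from one known plaintext word. The generator is an assumed stand-in (a 31-bit linear congruential generator that returns its whole state), and the function names, seed and sample words are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed stand-in for rand(): 31-bit LCG that returns its whole state. */
static uint32_t lcg_next(uint32_t *st)
{
    *st = (*st * 1103515245u + 12345u) & 0x7fffffffu;
    return *st;
}

/* "Pure" keystream cipher: XOR each word with the next generator output. */
static void xor_stream(uint32_t seed, const uint32_t *in, uint32_t *out, size_t n)
{
    for (size_t i = 0; i < n; i++)
        out[i] = in[i] ^ lcg_next(&seed);
}

/* Count low-order bit changes across n consecutive outputs. */
static int low_bit_flips(uint32_t seed, int n)
{
    uint32_t prev = lcg_next(&seed) & 1u;
    int flips = 0;
    for (int i = 1; i < n; i++) {
        uint32_t bit = lcg_next(&seed) & 1u;
        flips += (bit != prev);
        prev = bit;
    }
    return flips;
}

/* One known plaintext word gives the generator state (ct ^ pt), and the
 * state gives every later keystream word. Returns 1 if all words match. */
static int known_word_recovers_rest(void)
{
    const uint32_t pt[4] = { 0x68656c6c, 0x6f2c2077, 0x6f726c64, 0x21212121 }; /* constructed */
    uint32_t ct[4], st;
    xor_stream(19831202u, pt, ct, 4);      /* seed is unknown to the analyst */
    st = ct[0] ^ pt[0];                    /* only pt[0] is assumed known */
    for (size_t i = 1; i < 4; i++)
        if ((ct[i] ^ lcg_next(&st)) != pt[i])
            return 0;
    return 1;
}

int main(void)
{
    printf("low-bit flips in 100 outputs: %d\n", low_bit_flips(1u, 100));
    printf("rest recovered from one word: %d\n", known_word_recovers_rest());
    return 0;
}
```

With an odd multiplier and odd increment the low bit changes on every step, so 100 outputs show 99 flips regardless of seed.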