Science Forum Index » Cryptography Forum » A use of bit permutations
Author: Mok-Kong Shen (Guest)
Posted: Thu Jan 01, 2004 8:15 am

Terry Ritter's DT employs a PRNG to permute a bit-balanced
block (thru adding the needed bits to the given plaintext).
The idea is based (in my understanding) on the intuitively
clear fact that the state of the permuted bit sequence
gives practically no clue to the opponent about the output
of the PRNG that is used to do the permutation and
consequently a statistically good PRNG would already be
suitable for the task (since inference is considered
infeasible).
Assuming the acceptance of this, then I think that one
could also in general generate bit sequences for use via
the same mechanism. One could namely permute the bits of
a sufficiently large balanced block and output that, and
repeat the process for obtaining more bits. (Should one
be worried about the fact that the last bit of the block
is uniquely determined by the rest, one could e.g.
pseudo-randomly choose a segment of the block for output
instead of outputting the entire block.)
Of course, this process is rather slow and unlikely to
be able to compete in speed with schemes like AES in CTR
mode. But as a viable alternative possibility, it could
be of at least some interest nevertheless, I suppose.
Anyway, its implementation, being fairly straightforward,
could easily be done as improvisation without needing
such details as those commonly involved e.g. in the
specification of most block ciphers.
From this, I think it may be interesting also to extend
the topic to the (much more general) question of where
in practice true (physically generated) randomness is
unconditionally required (excepting OTP, by definition,
of course). For it seems that, if one could manage to
sufficiently well hinder/shield the opponent from
gaining information about the (direct) output of the
PRNG and the PRNG is statistically good, as is e.g. in
the case of DT, then one could be 'practically' safe
in its use. I am well aware that I may be (re-)touching
a highly controversial matter here and that my statements
are exposing my ignorance but I hope that I'll anyway
be able to learn a lot from the opinions of the experts
of the group on this in my humble opinion quite essential
practical issue. Thanks in advance.
M. K. Shen
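
The generator described in the post above, sketched as an added example (it is not code from the post or from Ritter's DT). Assumptions: a 256-bit block, Fisher-Yates as the permutation method, and Python's `random.Random` standing in for the "statistically good PRNG"; all function names are hypothetical. `last_bit_from_rest` shows the concern the post raises about outputting whole blocks.

```python
import random

BLOCK_BITS = 256  # assumed size; the post only says "sufficiently large"


def balanced_block(n_bits=BLOCK_BITS):
    """Return a block with exactly n_bits/2 zeros and n_bits/2 ones."""
    if n_bits % 2:
        raise ValueError("a balanced block needs an even number of bits")
    return [0] * (n_bits // 2) + [1] * (n_bits // 2)


def permute(block, prng):
    """Fisher-Yates shuffle of the bits, driven by the PRNG."""
    bits = list(block)
    for i in range(len(bits) - 1, 0, -1):
        j = prng.randrange(i + 1)  # uniform index in 0..i
        bits[i], bits[j] = bits[j], bits[i]
    return bits


def bit_stream(prng, n_out, n_bits=BLOCK_BITS, segment=None):
    """Yield n_out bits by repeatedly permuting a balanced block.

    segment=None outputs each whole permuted block; otherwise only a
    PRNG-chosen window of `segment` bits is output per round.
    """
    if segment is not None and not 0 < segment <= n_bits:
        raise ValueError("segment must be in 1..n_bits")
    block = balanced_block(n_bits)
    produced = 0
    while produced < n_out:
        block = permute(block, prng)  # a permuted block stays balanced
        if segment is None:
            chunk = block
        else:
            start = prng.randrange(n_bits - segment + 1)
            chunk = block[start:start + segment]
        take = chunk[:n_out - produced]
        yield from take
        produced += len(take)


def last_bit_from_rest(prefix, n_bits=BLOCK_BITS):
    """Infer the final bit of a whole block from its first n_bits-1 bits."""
    return 1 if sum(prefix) < n_bits // 2 else 0
```

With whole-block output every 256-bit block contains exactly 128 ones, so the final bit is always recoverable from the other 255; with `segment` set, the observer no longer sees block boundaries or a fixed ones count.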
All times are GMT - 5 Hours