This preview shows page 1. Sign up to view the full content.
Unformatted text preview: nly clock the generator three times as fast as the data stream, you can only create three streams. Another way is to use the same sequence for each channel—perhaps with a variable time delay. This is insecure. A really clever idea [1489], patented by the NSA, is shown in Figure 17.11. Dump the output of your favorite generator into an mbit simple shift register. At each clock pulse, shift the register one to the right. Then, for each output stream, AND the register with a different mbit control vector viewed as a unique identifier for the desired output stream, then XOR all the bits together to get the output bit for that stream. If you want several output streams in parallel, you need a separate control vector and an XOR/AND logic array for each output stream. There are some things to watch out for. If any of the streams are linear combinations of other streams, then the system can be broken. But if you are clever, this is an easy and secure way to solve the problem. 17.14 Real RandomSequence Generators
Sometimes cryptographically secure pseudorandom numbers are not good enough. Many times in cryptography, you want real random numbers. Key generation is a prime example. It’s fine to generate random cryptographic keys based on a pseudorandom sequence generator, but if an adversary gets a copy of that generator and the master key, the adversary can create the same keys and break your cryptosystem, no matter how secure your algorithms are. A randomsequence generator’s sequences cannot be reproduced. No one, not even you, can reproduce the bit sequence out of those generators. Figure 17.11 Multiplebit generator. There is a large philosophical debate over whether any of these techniques actually produces real random bits. I am not going to address that debate. The point here is to produce bits that have the same statistical properties as random bits and are not reproducible. The important thing about any real randomsequence generator is that it be tested. There is a wealth of literature on this topic. Tests of ran...
View
Full
Document
This note was uploaded on 10/18/2010 for the course MATH CS 301 taught by Professor Aliulger during the Fall '10 term at Koç University.
 Fall '10
 ALIULGER
 Cryptography

Click to edit the document details