[14049] in cryptography@c2.net mail archive

Re: cryptographic ergodic sequence generators?

daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Sat Sep 6 19:18:15 2003

X-Original-To: cryptography@metzdowd.com
To: "John S. Denker" <jsd@av8n.com>
Cc: cryptography@metzdowd.com
From: "Perry E. Metzger" <perry@piermont.com>
Date: 06 Sep 2003 18:55:58 -0400
In-Reply-To: <3F5A27CC.5040808@av8n.com>


"John S. Denker" <jsd@av8n.com> writes:
> On 09/06/2003 02:09 PM, Perry E. Metzger wrote:
>  > For making things like IP fragmentation ids and other similar
>  > protocol elements unpredictable, it would be useful to have what I'll
>  > call a cryptographic ergodic sequence generator -- that is, a
>  > generator that will produce a sequence of n bit numbers such that
>  > there are no repeats until you pass the 2^nth number in the sequence
>  > (that is, the sequence is a permutation of all 2^n bit numbers) and
>  > such that it is very difficult to predict what the next number in the
>  > sequence might be beyond the fact that it will not be one of the
>  > numbers seen earlier in the sequence. It is also rather important
>  > that the generator be computationally inexpensive.
>  >
>  > Anyone know how to produce such a thing?
> 
> Encrypted counter.

I'd thought of that, but encrypting with a stream cipher would not
work for this application -- it would not produce an ergodic sequence
-- and encrypting with a block cipher would require that the block
cipher use unusually small block sizes for many such applications.

Perry
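
An added example, not part of the original message or thread: a 16-bit "encrypted counter" built from a small-block Feistel network, run beside a stream-style variant, to show which of the two visits every fragment ID exactly once. The HMAC-SHA256 round function, the four rounds, the sample key, and the modelling of the stream variant as counter XOR a fresh keystream word are all assumptions made for this sketch.

```python
import hashlib
import hmac
from functools import lru_cache

KEY = b"constructed demo key"   # constructed sample key, not from the thread
HALF = 8                        # two 8-bit halves -> 16-bit block (fragment ID width)
MASK = (1 << HALF) - 1
ROUNDS = 4                      # assumption for this sketch, not a vetted parameter


@lru_cache(maxsize=None)
def _round(key, rnd, half):
    """Keyed round function: HMAC-SHA256 of (round, half), truncated to 8 bits."""
    return hmac.new(key, bytes([rnd, half]), hashlib.sha256).digest()[0]


def encrypt16(key, x):
    """Balanced Feistel network on 16-bit values: a bijection for any round function."""
    left, right = x >> HALF, x & MASK
    for rnd in range(ROUNDS):
        left, right = right, left ^ _round(key, rnd, right)
    return (left << HALF) | right


def decrypt16(key, y):
    """Inverse of encrypt16: undo the rounds in reverse order."""
    left, right = y >> HALF, y & MASK
    for rnd in reversed(range(ROUNDS)):
        left, right = right ^ _round(key, rnd, left), left
    return (left << HALF) | right


def block_ids(key, count):
    """Encrypted counter using the 16-bit block cipher."""
    return [encrypt16(key, ctr) for ctr in range(count)]


def stream_ids(key, count):
    """Counter XORed with a fresh 16-bit keystream word per output."""
    out = []
    for ctr in range(count):
        ks = hmac.new(key, b"ks" + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        out.append((ctr & 0xFFFF) ^ int.from_bytes(ks[:2], "big"))
    return out


if __name__ == "__main__":
    n = 1 << 16
    print("block cipher distinct IDs: ", len(set(block_ids(KEY, n))))
    print("stream cipher distinct IDs:", len(set(stream_ids(KEY, n))))
```

The sketch demonstrates the no-repeat property only; how unpredictable a four-round Feistel is on a domain this small is not argued here.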