hi,
PRNG-Pseudo random number generators
PRNG's -will- repeat in one of these two ways. RNG's will
repeat
strictly speakin only for small k-distributions of characters. The
smaller
the better.
As to the second, pi has lots of examples of repeats (visit the
Pi
page and see for yourself) at different k-distribution scales. What pi
won't do is repeat the entire sequence; **4*5*...........**4*5*...
If it did that would make it rational (eg 66666 or
*28*28*28*28...*28...).
Not the same thing at all.
I wonder how long the blow fish will stay secure.
Its P-array can be obtained with 2^(8*r+*) chosen plain text attack.(The reference to it is hard to get as the paper on cryptanalysis of blow fish was not as such released.)
where r indicate rounds.
For blow fish r=*6
A large corprate is certainly going to obtain the p-array used.
Another idea which doesn't look good is using strings from the pi for the initial p-array & 4 s-boxes.
The problem is thiugh pi is irrational(non-repeating non-terminating) u cant determine the degree of randomness of the strings of pi over a certain digit of numbers.
Say pi=*.*4*5...
IF i choose the *st 4 decimals of pi *,4,*,5 for ur p-box,it will have a certain degree of randomness,for a different set of decimals of pi it will have a different degree of randomness.
We would need to use those with low K-Distribution
More over since the S-Boxes & P-array are generated using the blow fish algorithm by encrypting 0 vectors,it doesn't have the strength the conventional des S-Boxes have.
No S-BOX design criteria is met.
By using a pseudo RNG or RNG -to create the S-Box does not mean the design criteria for S-Box is met and makes the S-Box weak.
More over since the p array is easily obtained as earlier mentioned-I really doubt how wise it is actually continue with *6 rounds of the blow fish
Data.
Reply With Quote