Re: Analysis of /dev/random

New Message Reply About this list Date view Thread view Subject view Author view

Ge' Weijers (ge@Progressive-Systems.Com)
Fri, 9 Apr 1999 10:26:21 -0400


On Thu, Apr 08, 1999 at 04:47:37PM -0700, David Honig wrote:
> I just generated some raw binary files with my BSD 3.0 (Walnut Creek)
> /dev/random and then ran Maurer's Universal Statistical Test (blocksize=8
> bits)
> on the result. MUST measured ~7.19 reliably on several indendent runs. This
> is the expected value for a uniformly distributed random sample.

I wrote a simple utility a few months back that generates 'random'
output. We used it to estimate the capacity of backup tapes using
different blocking factors. We wanted to make sure that the
compression built into the drive would not mess up the measurements.

It's basically the TEA block cipher encrypting a counter. TEA is
rekeyed every 256 blocks. MUST shows ~7.19 consistently, but it's not
useful as a cryptographic random generator because it's initial key is
derived from the time() system call (it had to run on SunOS: no
/dev/random). If you have the first, say, 32 bytes of the output you
can easily brute-force the key and derive the rest. So the output is
perfectly compressible given the right statistical model :-)

It's easy to fool MUST.

Ge'

-- 
-
Ge' Weijers                                Voice: (614)326 4600
Progressive Systems, Inc.                    FAX: (614)326 4601
2000 West Henderson Rd. Suite 400, Columbus OH 43220


New Message Reply About this list Date view Thread view Subject view Author view

 
All trademarks and copyrights are the property of their respective owners.

Other Directory Sites: SeekWonder | Directory Owners Forum

The following archive was created by hippie-mail 7.98617-22 on Thu May 27 1999 - 23:44:21