论文信息 - Using Linear Congruential Generators for Cryptographic Purposes

Using Linear Congruential Generators for Cryptographic Purposes

We try to provide an alternative attitude toward the use of a Linear Congruential Generator (LCG here after) in generating pseudo-random numbers for some cryptographic purpose. In particular, we choose email encryption as our cryptographic application. Our encryption will be considered secure if the attacker cannot infer the pseudo-random numbers without knowing the parameters of the LCG. We implement Plumstead’s inference algorithm [2] for an unknown LCG and our experimental results show that simply increasing the size of the modulus of the LCG does not significantly increase the difficulty of breaking the system. The only way to circumvent the weakness of the LCG, as we conclude, is to hide the generated numbers from the attacker. We suggest a practical attack on the method proposed in [11] and then introduce a much stronger version to patch the loophole without compromising the simplicity of the LCG. Moreover, we speculate that our new version of using the LCG in email encryption may resist the known plaintext attack and, therefore, there is no need to distribute a new set of parameters for the LCG for each encryption.

Bo Sun | Chung-Chih Li

[1] Bruce Schneier,et al. Practical cryptography , 2003 .

[2] Simson L. Garfinkel,et al. PGP: Pretty Good Privacy , 1994 .

[3] Donald E. Knuth,et al. Deciphering a linear congruential encryption , 1985, IEEE Trans. Inf. Theory.

[4] Bruce Schneier,et al. Cryptanalytic Attacks on Pseudorandom Number Generators , 1998, FSE.

[5] Douglas R. Stinson,et al. Cryptography: Theory and Practice , 1995 .

[6] Hugo Krawczyk. How to Predict Congruential Generators , 1992, J. Algorithms.

[7] Bo Sun,et al. Security evaluation of email encryption using random noise generated by LCG , 2005 .

[8] Terry Ritter. The Efficient Generation of Cryptographic Confusion Sequences , 1991, Cryptologia.

[9] Joan Boyar,et al. Inferring sequences produced by pseudo-random number generators , 1989, JACM.

[10] S. K. Park,et al. Random number generators: good ones are hard to find , 1988, CACM.

[11] Donald Ervin Knuth,et al. The Art of Computer Programming, Volume II: Seminumerical Algorithms , 1970 .

[12] Karl Entacher,et al. A Collection of Selected Pseudorandom Number Generators With Linear Structures , 1997 .

[13] J. Boyar. Inferring a Sequence Generated by a Linear Congruence , 1982, FOCS.