Cryptography Reference
In-Depth Information
Table 12-2. Test results of the FLINT/C random number generators
Test
Rand64
RandRMDSHA-1
RandBBS
RandAES
Tolerance Interval
[9654
,
10346]
Monobit
9997.29
10000.11
9999.15
9998.66
[1
.
03
,
57
.
40]
Poker
15.11
14.70
15.19
15.01
[2267
,
2733]
Runs length 1
2499.55
2501.69
2500.02
2499.86
[1079
,
1421]
Runs length 2
1250.29
1249.31
1249.38
1249.48
[502
,
748]
Runs length 3
625.05
624.95
625.07
625.22
[233
,
402]
Runs length 4
312.16
312.32
312.87
312.59
Runs length 5
156.29
156.22
156.15
156.11
[90
,
223]
[90
,
233]
Runs length 6
156.36
156.34
156.23
156.41
[0
,
0]
Longruns
0.00
0.00
0.00
0.00
[2327
,
2673]
Autocorrelation
2500.79
2500.06
2501.00
2500.10
from knowledge of the internal state
s
i
, and therefore, with knowledge of the
internal state of RandAES, it is even impossible to determine from a subsequence
any predecessors of that subsequence. For
c
=1
, then, RandAES can be placed in
class K4.
The argumentation for RandRMDSHA1 is similar. Because of the unidirec-
tional properties of SHA-1, one cannot draw conclusions about the internal
state of the generator from a subsequence, and therefore, no predecessors or
successors can be determined. This ensures membership in class K3. Because
of the same property in RIPEMD-160, no previous states can be derived from
an internal state of the generator, without which again no predecessors can be
determined. Thus the random number generator RandRMDSHA-1 can be placed
in class K4.
For RandBBS an argument has already been presented that supports placing
the generator in class K4.
An extensive overview of this field can be found in [Knut]. In particular, a
comprehensive presentation of the theoretical evaluation of random number
generators is provided in [Nied]. Ideas for constructing random number
generators presented in this chapter have been taken from [Sali], as well as the
type of representation of the test results in Table 12-2. Some pragmatic ideas for
testing random sequences are contained in [FIPS].
12.4 More Complex Functions
In this section we will prepare several functions for generating random numbers
and random prime numbers with additional boundary conditions that are not
