Entry: Shrinking generator
Definition

  1. An implementation of a shrinking generator in Python

  2. See also

  3. References


In cryptography, the shrinking generator is a form of pseudorandom number generator intended to be used in a stream cipher. It was published in Crypto 1993 by Don Coppersmith, Hugo Krawczyk, and Yishay Mansour.

The shrinking generator uses two linear feedback shift registers. One, called the A sequence, generates output bits, while the other, called the S sequence, controls their output. Both A and S are clocked; if the S bit is 1, then the A bit is output; if the S bit is 0, the A bit is discarded, nothing is output, and we clock the registers again. This has the disadvantage that the generator's output rate varies irregularly, and in a way that hints at the state of S; this problem can be overcome by buffering the output.

Despite this simplicity, there are currently no known attacks better than exhaustive search when the feedback polynomials are secret. If the feedback polynomials are known, however, the best known attack requires less than A•S bits of output.[1]

An interesting variant is the self-shrinking generator.

An implementation of a shrinking generator in Python

This example uses two Galois LFSRs to produce the output pseudorandom bitstream. The Python code can be used to encrypt and decrypt a file or any bytestream.

#!/usr/bin/env python3

import sys

# ----------------------------------------------------------------------------
# Crypto4o functions start here
# ----------------------------------------------------------------------------

class GLFSR:
    """Galois linear feedback shift register."""

    def __init__(self, polynom, initial_value):
        print("using polynom 0x%X, initial value: 0x%X." % (polynom, initial_value))

        self.polynom = polynom | 1
        self.data = initial_value
        tmp = polynom

        # Find the highest set bit of the polynomial; it marks the register width.
        self.mask = 1

        while tmp != 0:
            if tmp & self.mask != 0:
                tmp ^= self.mask

            if tmp == 0:
                break

            self.mask <<= 1

    def next_state(self):
        # Shift left; when a bit reaches the top position, output 1 and
        # reduce the state by the feedback polynomial.
        self.data <<= 1

        retval = 0

        if self.data & self.mask != 0:
            retval = 1
            self.data ^= self.polynom

        return retval

class SPRNG:
    """Shrinking generator: register C decides which bits of register D are kept."""

    def __init__(self, polynom_d, init_value_d, polynom_c, init_value_c):
        print("GLFSR D0: ", end="")
        self.glfsr_d = GLFSR(polynom_d, init_value_d)
        print("GLFSR C0: ", end="")
        self.glfsr_c = GLFSR(polynom_c, init_value_c)

    def next_byte(self):
        byte = 0
        bitpos = 7

        # An all-zero control register never outputs a 1, so this loop
        # would not terminate; the initial values must be nonzero.
        while True:
            bit_d = self.glfsr_d.next_state()
            bit_c = self.glfsr_c.next_state()

            if bit_c != 0:
                bit_r = bit_d
                byte |= bit_r << bitpos

                bitpos -= 1

                if bitpos < 0:
                    break

        return byte

# ----------------------------------------------------------------------------
# Crypto4o functions end here
# ----------------------------------------------------------------------------

def main():
    # Arguments: input file, output file, then polynom_d, init_value_d,
    # polynom_c and init_value_c as hexadecimal numbers.
    prng = SPRNG(int(sys.argv[3], 16), int(sys.argv[4], 16),
                 int(sys.argv[5], 16), int(sys.argv[6], 16))

    with open(sys.argv[1], "rb") as f, open(sys.argv[2], "wb") as g:
        while True:
            input_ch = f.read(1)

            if not input_ch:
                break

            random_ch = prng.next_byte() & 0xff
            g.write(bytes([input_ch[0] ^ random_ch]))

if __name__ == '__main__':
    main()
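
The irregular output rate described in the introduction can be made concrete. The following is an added example, not part of the original article or the Crypto4o code: it counts register clocks per output bit, shows that those counts alone reconstruct the S sequence, and then models the buffered variant. The polynomials, initial values, and the clocks_per_tick and depth parameters are constructed assumptions.

```python
from collections import deque

# Constructed toy parameters (assumptions, far too small for real use).
A_POLY, A_INIT = 0x43, 0x2A   # data register A, degree 6
S_POLY, S_INIT = 0x25, 0x01   # control register S, degree 5

def glfsr(poly, state):
    """Galois LFSR bit stream; state must be nonzero and below the top bit."""
    top = 1 << (poly.bit_length() - 1)
    while True:
        state <<= 1
        bit = 1 if state & top else 0
        if bit:
            state ^= poly | 1
        yield bit

def shrink_with_timing(a, s, nbits):
    """Unbuffered generator: returns (output bits, clocks spent per bit)."""
    out, gaps, clocks = [], [], 0
    while len(out) < nbits:
        a_bit, s_bit = next(a), next(s)
        clocks += 1
        if s_bit:
            out.append(a_bit)
            gaps.append(clocks)
            clocks = 0
    return out, gaps

def s_from_gaps(gaps):
    """Timing alone reveals S: g clocks per bit means g-1 zeros, then a 1."""
    return [b for g in gaps for b in [0] * (g - 1) + [1]]

def buffered(a, s, nbits, clocks_per_tick=5, depth=8):
    """Clock the registers into a FIFO; release exactly one bit per tick.
    A degree-5 S register never outputs more than 4 zeros in a row, so
    5 clocks per tick cannot leave the FIFO empty."""
    fifo, out, underruns = deque(), [], 0
    while len(out) < nbits:
        for _ in range(clocks_per_tick):
            if len(fifo) < depth:          # generator idles when the FIFO is full
                a_bit, s_bit = next(a), next(s)
                if s_bit:
                    fifo.append(a_bit)
        if fifo:
            out.append(fifo.popleft())
        else:
            underruns += 1                 # a stall here would leak timing again
    return out, underruns
```

The buffered output is bit-for-bit the same keystream; only the release schedule changes, so an observer sees one bit per tick regardless of the S sequence.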

See also

  • FISH, an (insecure) stream cipher based on the shrinking generator principle
  • Alternating step generator, a similar stream cipher.

References

1. Caballero-Gil, P. et al. New Attack Strategy for the Shrinking Generator. Journal of Research and Practice in Information Technology, Vol. 41, No. 2, May 2009. https://arxiv.org/pdf/1005.0087.pdf