Abstract
At Eurocrypt 88 Schnorr [8] proposed a pseudo random generator for which he claimed that it could not be distinguished from a truly random source with less than $2^{o(n)}$ output bits, even when unlimited computing power was available. We show that this generator can, in fact, be distinguished with only 4n bits of output. Moreover, we present an efficient (linear-time) algorithm which recovers the key from a substring only slightly larger than the generator’s keysize. Consequently, the generator is insecure.
References
[1] W. Alexi, B. Chor, O. Goldreich, and C.P. Schnorr, “RSA and Rabin Functions: Certain Parts are as Hard as the Whole”, SIAM J. Comput. 17 (1988), pp. 194–209.
[2] L. Blum, M. Blum, and M. Shub, “A simple unpredictable pseudo-random number generator”, SIAM J. Comput. 15 (1986), pp. 364–383.
[3] M. Blum, S. Micali, “How to generate cryptographically strong sequences of pseudo-random bits”, SIAM J. Comput. 13 (1984), pp. 850–864.
[4] M. Luby, C. Rackoff, “How to construct pseudorandom permutations from pseudorandom functions”, SIAM J. Comput. 17 (1988), pp. 373–386.
[5] U. Maurer, J.L. Massey, “Perfect Local Randomness in Pseudo-random Sequences”, submitted to Crypto 89.
[6] S. Micali, C.P. Schnorr, “Efficient, perfect random number generators”, Preprint MIT, University of Frankfurt, 1988.
[7] Y. Ohnishi, “A study on data security”, Master Thesis (in Japanese), Tohoku University, Japan, 1988.
[8] C.P. Schnorr, “On the construction of random number generators and random function generators”, Proc. of Eurocrypt 88, Lecture Notes in Computer Science 330, Springer Verlag, 1988.
[9] A. Shamir, “On the generation of cryptographically strong pseudo-random sequences”, 8th International Colloquium on Automata, Languages, and Programming, Lecture Notes in Computer Science 62, Springer Verlag, 1981.
[10] A.C. Yao, “Theory and applications of trap door functions”, Proc. of the 25th IEEE Symp. on Foundations of Computer Science, New York, 1982.
[11] Y. Zheng, T. Matsumoto, H. Imai, “Impossibility and Optimality Results on Constructing Pseudorandom Permutations”, Proceedings of Eurocrypt 89, this Volume, Lecture Notes in Computer Science, Springer Verlag, 1989.
© 1990 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Rueppel, R.A. (1990). On the Security of Schnorr’s Pseudo Random Generator. In: Quisquater, JJ., Vandewalle, J. (eds) Advances in Cryptology — EUROCRYPT ’89. EUROCRYPT 1989. Lecture Notes in Computer Science, vol 434. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-46885-4_42
DOI: https://doi.org/10.1007/3-540-46885-4_42
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-53433-4
Online ISBN: 978-3-540-46885-1
eBook Packages: Springer Book Archive