linus at nordberg.se
Mon Sep 20 15:29:40 CEST 2004
malik.hammoutene at epfl.ch wrote
Thu, 16 Sep 2004 10:21:44 +0200:
| I'm developping some cryptographic protocol and I'm using GMP. My question is to
| know if the random functions of GMP are cryptographically secure. Nothing is
| said in the documentation.
No. The default (and only implemented) algorithm used is linear
congruental, which sequence is predictable (even if you use a good
If you're looking for a stream cipher, perhaps RC4 could suffice?
Otherwise, implementing Blum, Blum, and Shub (BBS) would be
interesting. Using BBS for a stream cipher is supposedly very costly
but gives the possibility to calculate the i'th bit directly without
iterating through the complete sequence from the seed. The sequence
is still unpredictable "both to the left and to the right", which
means that given a sequence, you cannot predict the bit before,
nor the bit after the sequence.
More information about the gmp-discuss