Advertisement

On Stern’s Attack Against Secret Truncated Linear Congruential Generators

  • Scott Contini
  • Igor E. Shparlinski
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3574)

Abstract

In 1987, Stern showed how the parameters for secret truncated linear congruential generators could be derived in polynomial time. Here, we present a modification to that algorithm which makes it simpler, more robust, and require less data. We then present a more careful analysis of the algorithm, and establish some limits of its applicability. Thus, secret truncated linear congruential generators may not necessarily be insecure for properly chosen parameters. Unfortunately, as in the original algorithm, all the results remain heuristic, however we present results of numerical experiments which support our conclusions.

Keywords

Polynomial Time Approximation Factor Great Common Divisor Basis Reduction Lattice Reduction 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Ajtai, M., Kumar, R., Sivakumar, D.: A sieve algorithm for the shortest lattice vector problem. In: Proc. 33rd ACM Symp. on Theory of Comput., pp. 601–610. ACM, New York (2001)Google Scholar
  2. 2.
    Boyar, J.: ‘Inferring sequences produced by pseudo-random number generators. J. ACM 36, 129–141 (1989)zbMATHCrossRefMathSciNetGoogle Scholar
  3. 3.
    Boyar, J.: Inferring sequences produces by a linear congruential generator missing low–order bits. J. Cryptology 1, 177–184 (1989)zbMATHCrossRefMathSciNetGoogle Scholar
  4. 4.
    Frieze, A.M., Hastad, J., Kannan, R., Lagarias, J.C., Shamir, A.: Reconstructing truncated integer variables satisfying linear congruences. SIAM J. Comp. 17, 262–280 (1988)zbMATHCrossRefMathSciNetGoogle Scholar
  5. 5.
    Joux, A., Stern, J.: Lattice reduction: A toolbox for the cryptanalyst. J. Cryptology 11, 161–185 (1998)zbMATHCrossRefMathSciNetGoogle Scholar
  6. 6.
    Konyagin, S.V., Shparlinski, I.: Character sums with exponential functions and their applications. Cambridge Univ. Press, Cambridge (1999)zbMATHCrossRefGoogle Scholar
  7. 7.
    Knuth, D.E.: Deciphering a linear congruential encryption. IEEE Trans. Inf. Theory 31, 49–52 (1985)zbMATHCrossRefMathSciNetGoogle Scholar
  8. 8.
    Knuth, D.E.: The art of computer Programming: Seminumerical algorithms, vol. 2. Addison-Wesley, Reading (1981)zbMATHGoogle Scholar
  9. 9.
    Krawczyk, H.: How to predict congruential generators. J. Algorithms 13, 527–545 (1992)zbMATHCrossRefMathSciNetGoogle Scholar
  10. 10.
    Kurlberg, P., Pomerance, C.: On the period of the linear congruential and power generators. Acta Arith. (to appear)Google Scholar
  11. 11.
    Lenstra, A.K., Lenstra, H.W., Lovász, L.: Factoring polynomials with rational coefficients. Mathematische Ann. 261, 513–534 (1982)Google Scholar
  12. 12.
    Magma Computer Algebra Package, http://magma.maths.usyd.edu.au/magma/
  13. 13.
    Niederreiter, H.: Quasi-Monte Carlo methods and pseudo-random numbers. Bull. Amer. Math. Soc. 84, 957–1041 (1978)zbMATHCrossRefMathSciNetGoogle Scholar
  14. 14.
    Niederreiter, H.: Random number generation and Quasi–Monte Carlo methods. SIAM Press, Philadelphia (1992)zbMATHGoogle Scholar
  15. 15.
    Schnorr, C.P.: A hierarchy of polynomial time basis reduction algorithms. Theor. Comp. Sci. 53, 201–224 (1987)zbMATHCrossRefMathSciNetGoogle Scholar
  16. 16.
    Stern, J.: Secret linear congruential generators are not cryptographically secure. In: Proc. 28th IEEE Symp. on Found. of Comp. Sci., pp. 421–426. IEEE, Los Alamitos (1987)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Scott Contini
    • 1
  • Igor E. Shparlinski
    • 1
  1. 1.Department of ComputingMacquarie UniversityAustralia

Personalised recommendations