Anonymous (nobody@replay.com)
Fri, 9 Oct 1998 01:16:09 +0200
> I ran both the old MD5 plus a longword call count generator and the new one
> based on Arc5 I posted last week through Maurer's statistical test. I used
> my Java translation of David Honig's <honig@sprynet.com> implementation of
> Ueli M Maurer's "Universal Statistical Test for Random Bit Generators".
> Thanks for posting it David.
>
> I ran the tests with continuous seeding turned on and with it turned off.
> All tests ran for the maximum 66,191,360 samples. Here are the results.

Remember that even a very low-entropy stream will pass most statistical
randomness tests when run through conditioning routines; paranoia is still
permissible, y'all. Refer to the earlier RNG threads for more on that.

Those designing applications for a truly surreal threat model might want
to up the minimum amount of entropy tossed in per go.

If you're worried about your state being compromised on disk but not about
delays, set the generator to assume that your state was compromised (i.e.,
set the initial available entropy to zero).

Are you sure about the use of the raw key schedule over an
already-initialised Arc4 state? I'd think it might not always give you all
the avalanche you want.
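The point about conditioned low-entropy streams passing statistical tests, as an added example that is not part of the original message or of the generator under discussion: a 16-bit seed is run through a hash-plus-counter conditioner, the output looks unremarkable to a monobit and a byte chi-square test, and the whole seed space can still be enumerated. The conditioner (SHA-256 over seed and counter), the seed size, the sample seeds and all function names are assumptions made for this illustration.

```python
import hashlib
import math

SEED_BITS = 16  # constructed: the only real entropy that ever enters the stream


def conditioned_stream(seed: int, nbytes: int) -> bytes:
    """Condition a tiny seed by hashing seed || counter (hypothetical generator)."""
    out = bytearray()
    counter = 0
    while len(out) < nbytes:
        block = seed.to_bytes(2, "big") + counter.to_bytes(8, "big")
        out += hashlib.sha256(block).digest()
        counter += 1
    return bytes(out[:nbytes])


def monobit_z(data: bytes) -> float:
    """Normalised excess of one bits; roughly standard normal for random data."""
    ones = sum(bin(b).count("1") for b in data)
    n = len(data) * 8
    return (2 * ones - n) / math.sqrt(n)


def byte_chi_square(data: bytes) -> float:
    """Chi-square over byte values: 255 degrees of freedom, mean 255, sd about 22.6."""
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    expected = len(data) / 256
    return sum((c - expected) ** 2 / expected for c in counts)


def recover_seed(prefix: bytes):
    """Enumerate every possible seed; feasible because entropy is only SEED_BITS."""
    for seed in range(1 << SEED_BITS):
        if conditioned_stream(seed, len(prefix)) == prefix:
            return seed
    return None


if __name__ == "__main__":
    sample = conditioned_stream(0x1234, 1 << 16)  # constructed sample seed
    print("monobit z      :", round(monobit_z(sample), 3))
    print("byte chi-square:", round(byte_chi_square(sample), 1))
    print("seed recovered :", hex(recover_seed(sample[:32])))
```

The statistics measure the conditioner's output distribution, not the entropy fed into it, which is why the amount of entropy credited per reseed has to be accounted for separately.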
The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:15:21