Galilean transformation: Difference between revisions
en>EmausBot m r2.7.2+) (Robot: Adding be:Прынцып адноснасці Галілея |
en>Frinthruit |
||
Line 1: | Line 1: | ||
'''ISAAC''' ('''indirection, shift, accumulate, add, and count''') is a [[cryptographically secure pseudorandom number generator]] and a [[stream cipher]] designed by [[Robert John Jenkins Junior|Robert J. Jenkins Jr.]] in 1996.<ref>Robert J. Jenkins Jr., ISAAC. Fast Software Encryption 1996, pp41–49.</ref> | |||
== Operation == | |||
The ISAAC [[algorithm]] has similarities with [[RC4]]. It uses an [[Array data structure|array]] of 256 four-octet [[Integer (computer science)|integers]] as the internal state, writing the results to another 256 four-octet integer array, from which they are read one at a time until empty, at which point they are recomputed. The computation consists of altering i-element with (i⊕128)-element, two elements of the state array found by indirection, an accumulator, and a counter, for all values of i from 0 to 255. Since it only takes about 19 32-bit operations for each 32-bit output word, it is very fast on 32-bit computers. | |||
== Cryptanalysis == | |||
[[Cryptanalysis]] has been undertaken by Marina Pudovkina (2001).<ref>Marina Pudovkina, A known plaintext attack on the ISAAC keystream generator, 2001, Cryptology ePrint Archive: Report 2001/049, [http://eprint.iacr.org/2001/049/].</ref> Her attack can recover the initial state with a complexity that is approximated to be less than the time needed for searching through the square root of all possible initial states. In practice this means that the attack needs <math>4.67 \times 10^{1240}</math> instead of <math>10^{2466}</math>. This result has had no practical impact on the security of ISAAC. | |||
In 2006 Jean-Philippe Aumasson discovered several sets of weak states.<ref>Jean-Philippe Aumasson, [http://eprint.iacr.org/2006/438 On the pseudo-random generator ISAAC]. Cryptology ePrint archive, report 2006/438, 2006.</ref> The fourth presented (and smallest) set of weak states leads to a highly biased output for the first round of ISAAC and allows the derivation of the internal state, similar to a [[Fluhrer, Mantin and Shamir attack|weakness in RC4]]. It is not clear if an attacker can tell from just the output whether the generator is in one of these weak states or not. He also shows that a previous attack<ref>Souradyuti Paul, Bart Preneel, On the (In)security of Stream Ciphers Based on Arrays and Modular Addition.Asiacrypt 2006.</ref> is flawed, since the [[Souradyuti Paul|Paul]]-[[Bart Preneel|Preneel]] attack is based on an erroneous algorithm rather than the real ISAAC. | |||
An improved version of ISAAC is proposed, called ISAAC+. | |||
== Usage outside of cryptography == | |||
Many implementations of ISAAC are so fast that they can compete with other high speed PRNGs, even with those designed primarily for speed not for security. Only a few other generators of such high quality and speed exist in usage. | |||
ISAAC is used in the Unix tool [[shred (Unix)|shred]] to securely overwrite data. | |||
== References == | |||
{{reflist|30em}} | |||
== External links == | |||
* [http://www.burtleburtle.net/bob/rand/isaacafa.html Official ISAAC website] | |||
* [http://www.wolfgang-ehrhardt.de/misc_en.html#prng Pascal/Delphi port] | |||
* [http://search.cpan.org/dist/Math-Random-ISAAC Math::Random::ISAAC], a Perl module implementation of the algorithm | |||
* [https://github.com/rubycon/isaac.js isaac.js], a JavaScript implementation | |||
{{Cryptography navbox | stream}} | |||
{{DEFAULTSORT:Isaac (Cipher)}} | |||
[[Category:Cryptographically secure pseudorandom number generators]] | |||
[[Category:Stream ciphers]] |
Revision as of 20:04, 24 August 2013
ISAAC (indirection, shift, accumulate, add, and count) is a cryptographically secure pseudorandom number generator and a stream cipher designed by Robert J. Jenkins Jr. in 1996.[1]
Operation
The ISAAC algorithm has similarities with RC4. It uses an array of 256 four-octet integers as the internal state, writing the results to another 256 four-octet integer array, from which they are read one at a time until empty, at which point they are recomputed. The computation consists of altering i-element with (i⊕128)-element, two elements of the state array found by indirection, an accumulator, and a counter, for all values of i from 0 to 255. Since it only takes about 19 32-bit operations for each 32-bit output word, it is very fast on 32-bit computers.
Cryptanalysis
Cryptanalysis has been undertaken by Marina Pudovkina (2001).[2] Her attack can recover the initial state with a complexity that is approximated to be less than the time needed for searching through the square root of all possible initial states. In practice this means that the attack needs instead of . This result has had no practical impact on the security of ISAAC.
In 2006 Jean-Philippe Aumasson discovered several sets of weak states.[3] The fourth presented (and smallest) set of weak states leads to a highly biased output for the first round of ISAAC and allows the derivation of the internal state, similar to a weakness in RC4. It is not clear if an attacker can tell from just the output whether the generator is in one of these weak states or not. He also shows that a previous attack[4] is flawed, since the Paul-Preneel attack is based on an erroneous algorithm rather than the real ISAAC. An improved version of ISAAC is proposed, called ISAAC+.
Usage outside of cryptography
Many implementations of ISAAC are so fast that they can compete with other high speed PRNGs, even with those designed primarily for speed not for security. Only a few other generators of such high quality and speed exist in usage. ISAAC is used in the Unix tool shred to securely overwrite data.
References
43 year old Petroleum Engineer Harry from Deep River, usually spends time with hobbies and interests like renting movies, property developers in singapore new condominium and vehicle racing. Constantly enjoys going to destinations like Camino Real de Tierra Adentro.
External links
- Official ISAAC website
- Pascal/Delphi port
- Math::Random::ISAAC, a Perl module implementation of the algorithm
- isaac.js, a JavaScript implementation
- ↑ Robert J. Jenkins Jr., ISAAC. Fast Software Encryption 1996, pp41–49.
- ↑ Marina Pudovkina, A known plaintext attack on the ISAAC keystream generator, 2001, Cryptology ePrint Archive: Report 2001/049, [1].
- ↑ Jean-Philippe Aumasson, On the pseudo-random generator ISAAC. Cryptology ePrint archive, report 2006/438, 2006.
- ↑ Souradyuti Paul, Bart Preneel, On the (In)security of Stream Ciphers Based on Arrays and Modular Addition.Asiacrypt 2006.