home *** CD-ROM | disk | FTP | other *** search
- Xref: sparky sci.crypt:7071 alt.security.pgp:584
- Newsgroups: sci.crypt,alt.security.pgp
- Path: sparky!uunet!zaphod.mps.ohio-state.edu!pacific.mps.ohio-state.edu!linac!att!att!dptg!ulysses!ulysses!smb
- From: smb@research.att.com (Steven Bellovin)
- Subject: Re: Was Sidelnikov right???
- Message-ID: <1993Jan21.182332.15120@ulysses.att.com>
- Date: Thu, 21 Jan 1993 18:23:32 GMT
- References: <7V2qXB1w165w@tornado.welly.gen.nz>
- Organization: AT&T Bell Laboratories
- Lines: 31
-
- In article <7V2qXB1w165w@tornado.welly.gen.nz>, sai@tornado.welly.gen.nz (Simon McAuliffe) writes:
-
- ....
-
- > This is kinda frightening... Every single test failed miserably,
- > supporting the alternative hypothesis. Even if I tried my best I
- > couldn't fiddle these tests. These tests simply cannot be passed at any
- > significance level.
- >
- > It looks like _THIS_IS_ what Dr. Sidelnikov also did, and it means one
- > of three things: (ranked in order of likelihood as I see it)
- >
- > 1) Both Dr. Sidelnikov and I stuffed up.
- >
- > 2) This correlation test isn't appropriate for this situation.
- >
- > 3) Something funny is going on and either the RNG is badly
- > implemented or IDEA has a problem.
- >
- > Number 1 sounds like the most likely and number 3 is just plain scary.
- >
- > Well, after all this, perhaps Dr. Sidelnikov isn't just a crock. If I
- > didn't make any mistakes, there may be something to what he says after
- > all. Can somebody who really knows some real statistics shed a brighter
- > light on the subject?
-
- An interesting test. A useful control would be to plug in DES instead
- of IDEA, and see what happens. It's pretty well accepted that DES is
- a very good random number generator; if it fails your test, I'd look
- hard at cases 1 and 2. If DES passes, on the other hand, case 3 looks
- plausible.
-
