Score:1

Communication through shared seed in RNG


Given that there are two parties, and a process has been conducted by which both parties are knowledgeable of a shared value p, how could two parties communicate with each other over a public channel using the value p as a seed for a random number generator?

Maarten Bodewes:
*Practically speaking* you should use a stream cipher if you have a pre-shared key, preferably one that offers authentication, e.g. AES-GCM or (X)ChaCha20/Poly1305. Especially system PRNGs usually use the seed as an additional value, and you don't know how the bits are extracted from the PRNG; sometimes this changes at runtime as well. I'll not go into symmetric key management (KDFs, ratchets, double ratchets etc.).
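The construction Maarten recommends, written out as an added example (this is not code from the thread or from any of the participants): the shared value p is not fed to a general-purpose PRNG but run through a key-derivation step, and each message gets a fresh nonce, a keystream produced by a keyed PRF, and an authentication tag. To stay dependent on the Python standard library only, the keystream here is HMAC-SHA256 in counter mode and the tag is a second HMAC (encrypt-then-MAC); in practice you would use AES-GCM or XChaCha20-Poly1305 from a vetted library, and only the shape (derive, nonce, encrypt, authenticate) is the point. The context string, nonce length and the "naive" PRNG helper are assumptions made for this illustration; the naive helper exists only to show why seeding `random` with p gives the same keystream for every message.

```python
import hashlib
import hmac
import random
import secrets
from typing import Optional, Tuple

NONCE_LEN = 16  # assumed for this example; XChaCha20 uses 24, AES-GCM 12
TAG_LEN = 32    # full HMAC-SHA256 output


def derive_keys(shared_p: int, context: bytes = b"demo-channel") -> Tuple[bytes, bytes]:
    """Extract-then-expand (HKDF shape, RFC 5869) from the shared value p.
    Returns two independent 32-byte keys: one for encryption, one for the MAC."""
    ikm = shared_p.to_bytes((shared_p.bit_length() + 7) // 8 or 1, "big")
    prk = hmac.new(b"\x00" * 32, ikm, hashlib.sha256).digest()          # extract, zero salt
    enc_key = hmac.new(prk, context + b"\x01", hashlib.sha256).digest()  # T(1)
    mac_key = hmac.new(prk, enc_key + context + b"\x02", hashlib.sha256).digest()  # T(2)
    return enc_key, mac_key


def keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """PRF keystream: HMAC-SHA256(enc_key, nonce || counter), 32 bytes per block.
    A fresh nonce per message is what keeps the keystream from repeating."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt(shared_p: int, plaintext: bytes, nonce: Optional[bytes] = None) -> bytes:
    """Returns nonce || ciphertext || tag. The tag binds nonce and ciphertext."""
    enc_key, mac_key = derive_keys(shared_p)
    if nonce is None:
        nonce = secrets.token_bytes(NONCE_LEN)  # never reuse a nonce under the same key
    ct = bytes(a ^ b for a, b in zip(plaintext, keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(shared_p: int, message: bytes) -> bytes:
    """Verify the tag in constant time before touching the ciphertext."""
    enc_key, mac_key = derive_keys(shared_p)
    if len(message) < NONCE_LEN + TAG_LEN:
        raise ValueError("message too short")
    nonce, ct, tag = message[:NONCE_LEN], message[NONCE_LEN:-TAG_LEN], message[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(ct, keystream(enc_key, nonce, len(ct))))


def authenticates(shared_p: int, message: bytes) -> bool:
    """True if the message verifies under the key derived from shared_p."""
    try:
        decrypt(shared_p, message)
        return True
    except ValueError:
        return False


def tamper_detected(shared_p: int, message: bytes) -> bool:
    """Flip one ciphertext byte and check that decryption refuses it."""
    flipped = bytearray(message)
    flipped[NONCE_LEN] ^= 0x01
    return not authenticates(shared_p, bytes(flipped))


def naive_keystream(shared_p: int, length: int) -> bytes:
    """The approach the question asks about: seed a general-purpose PRNG with p.
    Same seed, no nonce: every message gets the identical keystream, and the PRNG's
    bit extraction is an implementation detail that can change between versions."""
    rng = random.Random(shared_p)
    return bytes(rng.getrandbits(8) for _ in range(length))


if __name__ == "__main__":
    p = 0x2F9B1D4C7A3E5F6081B2C3D4E5F60718  # constructed sample shared value
    msg = encrypt(p, b"hello over a public channel")
    print(decrypt(p, msg))
    print("tamper detected:", tamper_detected(p, msg))
    print("naive keystream repeats:", naive_keystream(p, 8) == naive_keystream(p, 8))
```

Two details worth noting in the design: the MAC covers the nonce as well as the ciphertext, so an attacker cannot splice a valid tag onto a message with a different nonce, and verification happens with `hmac.compare_digest` before any decryption output is produced. The `naive_keystream` helper makes the contrast concrete: with the seed alone there is nothing that varies per message, so two ciphertexts under the same p XOR to the XOR of their plaintexts.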
Kevin Perez:
I had not heard about stream ciphers before; I will look into it if it promises a more practical approach. But I have a secondary question: given that I have a primitive root modulo as used in the Diffie-Hellman key exchange, how could I only allow a prime value to be the shared value between two parties? For example, I want to have it so that a central authority has knowledge of a secret shared prime between, let's say, Alice and Bob, and they each share a unique value a for Alice and b for Bob respectively, with the central authority, that is prime.
Maarten Bodewes:
I have no idea what you're describing here, or what you are trying to achieve. What do you mean with a "shared prime"? You're using cryptographic terms, but I'm not sure you understand the underlying principles of the terms.
Kevin Perez:
@MaartenBodewes read one of the last pages of this research paper [here](https://arxiv.org/ftp/arxiv/papers/1208/1208.1984.pdf)
SAI Peregrinus:
That does not appear to be a high-quality cryptography paper.
Maarten Bodewes:
Yeah, it's missing a security proof, and a security reduction to make sure that the numbers used can be considered secure, amongst other things. The idea that you share a secret and then use a cryptographic RNG is flawed all by itself.
Kevin Perez:
I can see that this paper was not of very high quality, but I only approached it because of the idea to use the Goldbach conjecture. Now, let's say instead of RNG we use HMAC, so in this sense, it would be implementing the characteristics of SSH. How could I pre-configure both parties to obtain unique prime keys that are known to the central authority? How could I do so with the Diffie-Hellman key exchange? And does this have any practical benefits?
Kevin Perez:
Also regarding the security proof, what would the attacker model look like?