3

I've devised a PRG using Bezier curves, constructed with Bernstein polynomials, and I was wondering if you guys could help me with some suggestions or constructive criticism.

Basically I take a random set of 2D points (seed), used as control points for a number of concatenated Bezier curves; this makes up my space. The generated space of the curves is a lot greater than the set of initial points. When I wish to generate binary output I go through the space, and because of the formula using Bernstein polynomials, each point of the curve is generated with a number of decimals, from which I extract the raw binary and concatenate a result. It would seem that the binary of the decimals behind the x,y of each point doesn't give away any indication of the curve.

I keep an index to know how far along the space I've traveled so I don't use the same data again. The original points that will generate the space are random.

I've tested the output with the STS from NIST and it passed everything, but I was told that is hardly enough for a viable PRG. Then I got redirected to Stack Exchange :)

Any thoughts?

P.S.: do you guys know any other tests for a PRG?

  • 1
    Without a meticulously precise description of a PRG, one can't conclude that it is secure. Such description is not given, thus the question can't be answered; and it would probably be off-topic anyway. Keep in mind that any experimental randomness test not tailored to the PRG tested can only invalidate the hypothesis that it is secure, NOT validate that hypothesis. An analogy: that's similar to a Fermat primality test, which can often invalidate that an integer is prime, but can never tell 1436697831295441 is not prime. – fgrieu Jul 22 '14 at 16:20
  • Yes, you are right, I haven't had the time to formalize the description, I focused on the implementation. I hoped someone would've told me something like "here, pass these tests and you are good to go" – Cristian Leontin Glavan Jul 22 '14 at 17:50
  • We can tell you the exact opposite: there is not (and can't be) a test, using a PRG as a black box, that can give a useful indication that a PRG is secure; much less a proof. The best a test does is tell that a PRG is not secure. Existing tests of CSPRNGs are designed to catch faulty implementations, or badly misguided (more often than not, both). – fgrieu Jul 22 '14 at 18:07

1 Answer

3

PRNGs are a difficult and hot topic.

Some tests can be found here: What tests can I do to ensure my PRNG is working correctly?

But they do not tell you (or others) if your PRNG is really secure. A PRNG must be built in such a way that a third party is not able to "calculate" former or upcoming PRNG output based on some random data from the PRNG.

Thor
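The point made in the comments and the answer, as an added example that is not part of the original thread: xorshift32 (a stand-in generator, not the asker's Bezier construction) emits well-balanced bits for the NIST SP 800-22 frequency (monobit) check, yet one observed output is enough to compute both the previous and the next output. The seed and all function names are constructed for illustration.

```python
import math

MASK = 0xFFFFFFFF
SEED = 0x2545F491  # constructed sample seed (any non-zero 32-bit value)

def step(x):
    """One xorshift32 round; the generator outputs its whole state."""
    x ^= (x << 13) & MASK
    x ^= x >> 17
    x ^= (x << 5) & MASK
    return x

def _undo_left(y, s):
    # Solve y = x ^ (x << s): each pass fixes s more low-order bits of x.
    x = y
    for _ in range(32 // s + 1):
        x = y ^ ((x << s) & MASK)
    return x

def _undo_right(y, s):
    # Solve y = x ^ (x >> s): each pass fixes s more high-order bits of x.
    x = y
    for _ in range(32 // s + 1):
        x = y ^ (x >> s)
    return x

def unstep(x):
    """Invert step(): recover the previous output from the current one."""
    x = _undo_left(x, 5)
    x = _undo_right(x, 17)
    return _undo_left(x, 13)

def outputs(seed, n):
    out, x = [], seed
    for _ in range(n):
        x = step(x)
        out.append(x)
    return out

def ones_fraction(words):
    return sum(bin(w).count("1") for w in words) / (32 * len(words))

def monobit_p_value(words):
    """Frequency (monobit) test p-value; STS treats p >= 0.01 as a pass."""
    n = 32 * len(words)
    s_obs = abs(2 * ones_fraction(words) * n - n) / math.sqrt(n)
    return math.erfc(s_obs / math.sqrt(2))

STREAM = outputs(SEED, 4096)  # constructed sample output, 131072 bits
```

The statistical functions only look at bit balance; `step` and `unstep` are what an observer who knows the construction would use, which is why the design has to be specified and analysed rather than only tested as a black box.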