
When I was in grad school, I invented (discovered?) a new PRNG algorithm. This algorithm has an infinite period length (given infinite memory). This in itself cannot be new, because all you need to do to accomplish this is simply take digits from an irrational number. What does make this different, is that it is able to use any size of key. 1 bit, 1 GB, whatever.

The next logical step for me was to turn this into a symmetric key algorithm, simply by generating the bits based off of the seed and XORing the source file bits with the resulting output.

I am in the middle of developing this into an Android app. My problem is that 100% of my experience has been academic. I know that this algorithm (Binary Lagged Fibonacci) is valuable academically, but does it have a practical value? Does the flexible key size alone give it a benefit over, say, AES?

I have sent some emails out to a few companies, and I am trying to find out why no one has responded at all. My best guess is that either (1) they get 1000 crackpots emailing them every day, or (2) I sound like I have no idea what I am talking about. The second one is definitely true. I just learned the other day I need to be salting the seed when it gets passed.

1 Answer

9

Without a proof of security or proper cryptanalysis including an argument why it covers all currently known methods:

The value (in the context of cryptography) is zero.

This might sound harsh, but you brought up the main reason yourself: It is basically impossible to design a new secure cryptosystem without the proper knowledge of the field, but amateurs are convinced otherwise and keep on trying. The only solution here is to write a publication in some peer-reviewed context (e.g. crypto conferences). Regarding your experience, it is not clear from your question, because you wrote:

My problem is that 100% of my experience has been academic

Or 2. I sound like I have no idea what I am talking about. The second one is definitely true


Regarding your algorithm:

A lagged Fibonacci generator is a well known construction. It is an improvement over the linear congruential generator, and is related to similar concepts like LFSR, Mersenne Twister, etc. But that doesn't say much: Those are not cryptographically secure random number generators, and they have no security at all (from today's point of view). So it's quite reasonable that this is also true for your algorithm.

Considering an infinite period: A large period is required for a proper CSPRNG, but it is not sufficient. A well-known counterexample is linear-feedback shift registers, which have large periods and were used for stream ciphers in the past. But they are quite easy to break.

Also, irrational numbers might offer an infinite period of numbers, but that doesn't mean they are unpredictable or that you can't get the seed back from the sequence. I am not aware of any computationally hard problem regarding irrational numbers.

tylo
  • 12,864
  • 26
  • 40
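The following is an added illustration of the answer's point that a large period is necessary but not sufficient, applied to the construction the question proposes (PRNG output XORed with the plaintext). It is not code from the question or the answer. It uses a standard additive lagged Fibonacci generator with Knuth's lags (j = 24, k = 55) over 32-bit words; the arbitrary-length key is expanded into the initial state with SHA-256 in counter mode, which is an assumed seeding scheme chosen only so any key size works. The generator's output words are its internal state, so once k consecutive keystream words are known (here: from a known plaintext prefix, as the answer's point about predictability implies), every later keystream word follows, and the period of the sequence plays no role.

```python
# Added example, not from the question or answer. Constructed values throughout.
import hashlib

J, K = 24, 55            # Knuth's lags for the additive lagged Fibonacci generator
MASK = 0xFFFFFFFF        # 32-bit words


def seed_state(key: bytes) -> list:
    """Expand a key of any length into K initial words.
    Assumed scheme: SHA-256 over key||counter, concatenated until K words exist."""
    words, counter = [], 0
    while len(words) < K:
        digest = hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        words += [int.from_bytes(digest[i:i + 4], "big") for i in range(0, 32, 4)]
        counter += 1
    return words[:K]


def lfg_stream(state: list):
    """Yield x_n = (x_{n-J} + x_{n-K}) mod 2^32 indefinitely.
    The sliding window `buf` of the last K outputs is the whole generator state."""
    buf = list(state)
    while True:
        x = (buf[-J] + buf[-K]) & MASK
        buf.append(x)
        del buf[0]
        yield x


def stream_bytes(gen, nbytes: int) -> bytes:
    """Serialise generator words big-endian until nbytes are available."""
    out = bytearray()
    while len(out) < nbytes:
        out += next(gen).to_bytes(4, "big")
    return bytes(out[:nbytes])


def keystream_bytes(key: bytes, nbytes: int) -> bytes:
    return stream_bytes(lfg_stream(seed_state(key)), nbytes)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(key: bytes, data: bytes) -> bytes:
    """The proposed cipher: plaintext XOR generator output. Decryption is the same call."""
    return xor_bytes(data, keystream_bytes(key, len(data)))


def predict_rest(observed_keystream: bytes, nbytes: int) -> bytes:
    """Given at least K consecutive, word-aligned keystream words, reproduce
    the following nbytes of keystream without knowing the key: the last K
    words ARE the generator state, so the recurrence simply continues."""
    if len(observed_keystream) % 4:
        raise ValueError("observed keystream must be a whole number of 32-bit words")
    words = [int.from_bytes(observed_keystream[i:i + 4], "big")
             for i in range(0, len(observed_keystream), 4)]
    if len(words) < K:
        raise ValueError(f"need at least {K} words, got {len(words)}")
    return stream_bytes(lfg_stream(words[-K:]), nbytes)


def demo() -> bool:
    """Known-plaintext scenario: a fixed K*4 = 220-byte prefix (a file header,
    say) is known. Recovering the keystream for that prefix is enough to
    decrypt the remainder of the file. Returns True if that succeeds."""
    key = b"constructed key - length does not matter"
    plaintext = bytes(range(256)) * 2                   # 512 constructed bytes
    ciphertext = encrypt(key, plaintext)

    known_prefix = plaintext[:K * 4]
    observed_ks = xor_bytes(ciphertext[:K * 4], known_prefix)
    predicted_ks = predict_rest(observed_ks, len(plaintext) - K * 4)
    recovered_tail = xor_bytes(ciphertext[K * 4:], predicted_ks)
    return recovered_tail == plaintext[K * 4:]


if __name__ == "__main__":
    print("remainder recovered without the key:", demo())
```

The mitigation side is what the answer already says: a keystream generator must be a CSPRNG (or a proper stream cipher / AES in a stream mode), where output does not reveal state and state cannot be rolled forward from observed output. Changing the lags, the word size, or the key-expansion step does not change this property of a lagged Fibonacci generator; only a cryptographically secure design does.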