c7-4 (779518), страница 2
Текст из файла (страница 2)
The function g, which takes 32-bits into 32-bits, is called the “cipher function.”Meyer and Matyas [4] discuss the importance of the cipher function being nonlinear, as wellas other design criteria.DES constructs its cipher function g from an intricate set of bit permutations and tablelookups acting on short sequences of consecutive bits. Apparently, this function was chosento be particularly strong cryptographically (or conceivably as some critics contend, to havean exquisitely subtle cryptographic flaw!). For our purposes, a different function g that canbe rapidly computed in a high-level computer language is preferable.
Such a function mayweaken the algorithm cryptographically. Our purposes are not, however, cryptographic: Wewant to find the fastest g, and smallest number of iterations of the mixing procedure in Figure7.5.1, such that our output random sequence passes the standard tests that are customarilyapplied to random number generators. The resulting algorithm will not be DES, but rather akind of “pseudo-DES,” better suited to the purpose at hand.Following the criterion, mentioned above, that g should be nonlinear, we must givethe integer multiply operation a prominent place in g. Because 64-bit registers are notgenerally accessible in high-level languages, we must confine ourselves to multiplying 16-bitSample page from NUMERICAL RECIPES IN C: THE ART OF SCIENTIFIC COMPUTING (ISBN 0-521-43108-5)Copyright (C) 1988-1992 by Cambridge University Press.Programs Copyright (C) 1988-1992 by Numerical Recipes Software.Permission is granted for internet users to make one paper copy for their own personal use.
Further reproduction, or any copying of machinereadable files (including this one) to any servercomputer, is strictly prohibited. To order Numerical Recipes books,diskettes, or CDROMsvisit website http://www.nr.com or call 1-800-872-7423 (North America only),or send email to trade@cup.cam.ac.uk (outside North America).random floating-point number. They are not very random for that purpose; seeKnuth [1]. Examples of acceptable uses of these random bits are: (i) multiplying asignal randomly by ±1 at a rapid “chip rate,” so as to spread its spectrum uniformly(but recoverably) across some desired bandpass, or (ii) Monte Carlo explorationof a binary tree, where decisions as to whether to branch left or right are to bemade randomly.Now we do not want you to go through life thinking that there is somethingspecial about the primitive polynomial of degree 18 used in the above examples.(We chose 18 because 218 is small enough for you to verify our claims directly bynumerical experiment.) The accompanying table [2] lists one primitive polynomialfor each degree up to 100.
(In fact there exist many such for each degree. Forexample, see §7.7 for a complete table up to degree 10.).
![](https://s.studizba.com/z.php?f=/templates/si/i/noavatar.png&w=100&h=100&t=1"){kind=avatar}
