Method and device for generating a pseudorandom sequence

Assignee

• FRANCE TELECOM · FR

Inventors

• Henri Gilbert · Les Ulis, FR
• Jacques Patarin · Versailles, FR
• Côme Berbain · Montrouge, FR

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F7/582
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A method of generating a pseudorandom sequence of terms belonging to a finite body K of cardinal q≧2 intended to be used in a cryptographic procedure, said method comprising the iterative calculation, from an initialization n-tuple X(0)=(X(0)1, X(0)2, . . . , X(0)n), where n≧2, of elements of K, of n-tuples X(i)=(X(i)1, X(i)2, . . . , X(i)n) of elements of K (where i=1, 2, . . . ), each n-tuple X(i) being obtained on iteration number i in a predetermined manner at least from certain components Y(i)k of an m-tuple Y(i)=(Y(i)1, Y(i)2, . . . , Y(i)m), where m≧n, of elements of K and the terms of said pseudorandom sequence being extracted in a predetermined manner from the n-tuples X and/or the m-tuples Y. For at least one value of i, among said components Y(i)k of the m-tuple Y(i) that are used to obtain the multiplet X(i), at least E(n/2) of them are each represented by a predetermined second degree polynomial function, with coefficients in K, of the components of the n-tuple X(i−1).