Paper 2011/007

KISS: A Bit Too Simple

Greg Rose

Abstract

KISS (`Keep it Simple Stupid') is an efficient pseudo-random number generator specified by G. Marsaglia and A. Zaman in 1993. G. Marsaglia in 1998 posted a C version to various USENET newsgroups, including \texttt{sci.crypt}. Marsaglia himself has never claimed cryptographic security for the KISS generator, but many others have made the intellectual leap and claimed that it is of cryptographic quality. In this paper we show a number of reasons why the generator does not meet the KISS authors' claims, why it is not suitable for use as a stream cipher, and that it is not cryptographically secure. Our best attack requires about 70 words of generated output and a few hours of computation to recover the initial state.

Note: Minor updates to paper based on recieved comments.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Might be submitted to SAC'11
Keywords
PRNGstream ciphercryptanalysis
Contact author(s)
ggr @ qualcomm com
History
2011-10-20: last of 3 revisions
2011-01-05: received
See all versions
Short URL
https://ia.cr/2011/007
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2011/007,
      author = {Greg Rose},
      title = {KISS: A Bit Too Simple},
      howpublished = {Cryptology ePrint Archive, Paper 2011/007},
      year = {2011},
      note = {\url{https://eprint.iacr.org/2011/007}},
      url = {https://eprint.iacr.org/2011/007}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.