timestamp = {2009.06.29}
}
+@INPROCEEDINGS{Fischlin,
+ author = {Fischlin, R. and Schnorr, C. P.},
+ title = {Stronger security proofs for RSA and rabin bits},
+ booktitle = {Proceedings of the 16th annual international conference on Theory
+ and application of cryptographic techniques},
+ year = {1997},
+ series = {EUROCRYPT'97},
+ pages = {267--279},
+ address = {Berlin, Heidelberg},
+ publisher = {Springer-Verlag},
+ acmid = {1754569},
+ isbn = {3-540-62975-0},
+ location = {Konstanz, Germany},
+ numpages = {13},
+ url = {http://dl.acm.org/citation.cfm?id=1754542.1754569}
+}
+
@INPROCEEDINGS{BattiatoCGG99,
author = {Sebastiano Battiato and Dario Catalano and Giovanni Gallo and Rosario
Gennaro},
+\begin{color}{red}
+\subsection{Practical Security Evaluation}
+
+Suppose now that the PRNG will work during
+$M=100$ time units, and that during this period,
+an attacker can realize $10^{12}$ clock cycles.
+We thus wonder whether, during the PRNG's
+lifetime, the attacker can distinguish this
+sequence from truly random one, with a probability
+greater than $\varepsilon = 0.2$.
+We consider that $N$ has 900 bits.
+
+The random process is the BBS generator, which
+is cryptographically secure. More precisely, it
+is $(T,\varepsilon)-$secure: no
+$(T,\varepsilon)-$distinguishing attack can be
+successfully realized on this PRNG, if~\cite{Fischlin}
+$$
+T \leqslant \dfrac{L(N)}{6 N (log_2(N))\varepsilon^{-2}M^2}-2^7 N \varepsilon^{-2} M^2 log_2 (8 N \varepsilon^{-1}M)
+$$
+where $M$ is the length of the output ($M=100$ in
+our example), and $L(N)$ is equal to
+$$
+2.8\times 10^{-3} exp \left(1.9229 \times (N ~ln(2)^\frac{1}{3}) \times ln(N~ln 2)^\frac{2}{3}\right)
+$$
+is the number of clock cycles to factor a $N-$bit
+integer.
+
+A direct numerical application shows that this attacker
+cannot achieve its $(10^{12},0.2)$ distinguishing
+attack in that context.
+
+\end{color}
+
\subsection{Toward a Cryptographically Secure and Chaotic Asymmetric Cryptosystem}
\label{Blum-Goldwasser}
We finish this research work by giving some thoughts about the use of
Furthermore, we have shown that when the inputted generator is cryptographically
secure, then it is the case too for the PRNG we propose, thus leading to
the possibility to develop fast and secure PRNGs using the GPU architecture.
-An improvement of the Blum-Goldwasser cryptosystem, making it
-behaves chaotically, has finally been proposed.
+\begin{color}{red} An improvement of the Blum-Goldwasser cryptosystem, making it
+behaves chaotically, has finally been proposed. \end{color}
In future work we plan to extend this research, building a parallel PRNG for clusters or
grid computing. Topological properties of the various proposed generators will be investigated,
