pch

diff --git a/prng_gpu.tex b/prng_gpu.tex
index f7499d98f7ab03016283032fde07ffb32364b842..ce0bcc5110492864e090b7fd932fce4bd969b3a8 100644 (file)
--- a/prng_gpu.tex
+++ b/prng_gpu.tex
@@ -40,6 +40,9 @@
 
 \newcommand{\alert}[1]{\begin{color}{blue}\textit{#1}\end{color}}
 
+
+\newcommand{\PCH}[1]{\begin{color}{blue}#1\end{color}}
+
 \title{Efficient and Cryptographically Secure Generation of Chaotic Pseudorandom Numbers on GPU}
 \begin{document}
 
@@ -1600,7 +1603,16 @@ as it is shown in the next sections.
 \section{Security Analysis}
 \label{sec:security analysis}
 
-
+\PCH{This section is dedicated to the analysis of the security of the
+  proposed PRNGs from a theoretical point of view. The standard definition
+  of {\it indistinguishability} used is the classical one as defined for
+  instance in~\cite[chapter~3]{Goldreich}. It is important to emphasize that
+  this property shows that predicting the future results of the PRNG's
+  cannot be done in a reasonable time compared to the generation time. This
+  is a relative notion between breaking time and the sizes of the
+  keys/seeds. Of course, if small keys or seeds are chosen, the system can
+  be broken in practice. But it also means that if the keys/seeds are large
+  enough, the system is secured.}
 
 In this section the concatenation of two strings $u$ and $v$ is classically
 denoted by $uv$.

diff --git a/reponse.tex b/reponse.tex
index e8a1acf9e75f27480b8870ddb4e1e1650ba95097..8d1a2ab2b22b0a4afe614a048b20e842756303dc 100644 (file)
--- a/reponse.tex
+++ b/reponse.tex
@@ -109,7 +109,24 @@ impracticable in practice. To sum up, being cryptographically secure is not a
 question of key size.
 
 \begin{color}{green}
-PCH, tu peux broder là-dessus?
+Most of theoretical cryptographic definitions are somehow an extension of the
+notion of one-way function. Intuitively a one way function is a function
+ easy to compute but  which is practically impossible to
+inverse (i.e. from $f(x)$ it is not possible to compute $x$). 
+Since the size of $x$ is known, it is always possible to use a brute force
+attack, that is computing $f(y)$ for all $y$'s of the good size until
+$f(y)\neq f(x)$. Informally, if a function is one-way, it means that every
+algorithm that can compute $x$ from $f(x)$ with a good probability requires
+a similar amount of time than the brute force attack. It is important to
+note that if the size of $x$ is small, then the brute force attack works in
+practice. The theoretical security properties don't guaranty that the system
+cannot be broken, it guaranty  that if the keys are large enough, then the
+system still works (computing $f(x)$ can be done, even if $x$ is large), and
+cannot be broken in a reasonable time. The theoretical definition of a
+secure PRNG is more technical than the one on one-way function but the
+ideas are the same: a cryptographically secured PRNG can be broken 
+ by a brute force prediction, but not in a reasonable time if the
+ keys/seeds are large enough.
 \end{color}
 
 \bigskip