On the generation of cryptographically strong pseudorandom sequences

This paper shows how to generate from a short random seed a long sequence of pseudorandom numbers which is cryptogrgraphically strong in the sense that knowing some sequence elements cannot possibly help the cryptanalyst to determine other sequence elements. The method is based on the RSA cryptosystem, and it is the first published example of a pseudorandom sequence generator for which such a property has been formally proved.