Someone wrote: > for each bit in the 512-bit register, if the bit is a 1, add the > corresponding array entry into a 521-bit accumulator (init'd to 0 > at the start of this pass), modulo a 521-bit prime. > ^^^ > is this correct? > Yup. 512 + 8 + 1 = 521 512: for the seed for next time 8: for the output byte 1: slop, since numbers mod a 521 bit prime won't give a uniform distribution of the top bit - Carl