No Subject

["James A. Donald" <jamesd@echeque.com>]

At 5:53 AM 9/20/95, Jeff Weinstein wrote:
>  This was a bad mistake on our part, and we are working hard to fix it.
> We have been trying to identify sources of random bits on PCs, Macs, and
> all of the many unix platforms we 

Maintain a 4K entropy buffer.

Mingle the exact time an place of each mouse hit into the 
entropy buffer using some combination that will have the 
effect of progressively shifting bits all over the place, so that every
noise bit that you get eventually effects every bit of the buffer in a
complicated way.

For example:

        Buf[p] = MouseNoise + Buf[p] + Buf[p-24] + Buf[p-55];
        p = p+1;

(See Knuth, SemiNumerical Algorithms, Book 2, page 27 for the 
magic properties of the numbers 24, 55.   This rule means 
that buffer immediately before p depends in a non linear 
fashion on all the noise you have received.)

Whenever you need a random number, take a one way checksum, 
for example MD5, of the most recently altered part of that 
buffer.  Use that as your random number. 

Whenever the user has used this buffer during a session, then 
when he quits netscape, save the buffer after first hashing 
it.

To hash the buffer without loss of entropy, take the hash of 
one block of the buffer, and XOR it onto the next block (not 
the block that you hashed.)  Repeat for each block in the 
buffer cyclicly.


Publish your random number and encryption code here and in 
sci.crypt.


 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com