No Subject
At 5:53 AM 9/20/95, Jeff Weinstein wrote:
> This was a bad mistake on our part, and we are working hard to fix it.
> We have been trying to identify sources of random bits on PCs, Macs, and
> all of the many unix platforms we
Maintain a 4K entropy buffer.
Mingle the exact time and place of each mouse hit into the
entropy buffer using some combination that will have the
effect of progressively shifting bits all over the place, so that every
noise bit that you get eventually affects every bit of the buffer in a
complicated way.
For example:
Buf[p] = MouseNoise + Buf[p] + Buf[p-24] + Buf[p-55];
p = p+1;
(See Knuth, Seminumerical Algorithms, Book 2, page 27 for the
magic properties of the numbers 24, 55. This rule means
that the buffer immediately before p depends in a non-linear
fashion on all the noise you have received.)
Whenever you need a random number, take a one way checksum,
for example MD5, of the most recently altered part of that
buffer. Use that as your random number.
Whenever the user has used this buffer during a session, then
when he quits Netscape, save the buffer after first hashing
it.
To hash the buffer without loss of entropy, take the hash of
one block of the buffer, and XOR it onto the next block (not
the block that you hashed.) Repeat for each block in the
buffer cyclically.
Publish your random number and encryption code here and in
sci.crypt.
---------------------------------------------------------------------
We have the right to defend ourselves     | http://www.jim.com/jamesd/
and our property, because of the kind     |
of animals that we are. True law          | James A. Donald
derives from this right, not from the     |
arbitrary power of the state.             | [email protected]
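The scheme described in the post above (4K buffer, lagged mixing of mouse events, MD5 of the recently altered region as output, and the entropy-preserving block rehash before saving), written out as an added, constructed example; it is not Netscape's code nor the poster's. The window size RECENT, the way a mouse event is folded into one noise byte, and the stirring of output back into the buffer are assumptions added here.

```python
import hashlib
import struct

BUF_SIZE = 4096        # the 4K entropy buffer from the post
LAG_A, LAG_B = 24, 55  # the lagged-Fibonacci taps the post cites from Knuth
BLOCK = 16             # MD5 digest length; also the block size for rehashing
RECENT = 256           # "most recently altered part": assumed window size


class EntropyPool:
    """Constructed model of the post's scheme (not Netscape's or the author's code)."""

    def __init__(self, saved=None):
        self.buf = bytearray(saved) if saved is not None else bytearray(BUF_SIZE)
        self.p = 0

    def _mix(self, noise):
        # The post's update rule; indices wrap around the buffer. The addition
        # is linear over the buffer, so the one-way hash at output time is
        # what keeps the buffer contents hidden from an observer of outputs.
        b, p = self.buf, self.p
        b[p] = (noise + b[p] + b[(p - LAG_A) % BUF_SIZE] + b[(p - LAG_B) % BUF_SIZE]) & 0xFF
        self.p = (p + 1) % BUF_SIZE

    def add_mouse_noise(self, x, y, t_usec):
        """Mingle the exact place and time of one mouse hit into the buffer."""
        self._mix((x * 131 + y * 31 + t_usec) & 0xFF)

    def random_bytes(self, n):
        """Take a one-way checksum of the recently altered region as the output."""
        start = (self.p - RECENT) % BUF_SIZE
        region = bytes(self.buf[(start + i) % BUF_SIZE] for i in range(RECENT))
        out = b""
        for counter in range((n + BLOCK - 1) // BLOCK):
            out += hashlib.md5(region + struct.pack(">I", counter)).digest()
        # Stir the output back in so two calls without fresh noise differ
        # (an addition here; the post does not cover that case).
        for byte in out[:BLOCK]:
            self._mix(byte)
        return out[:n]

    def save_state(self):
        """Rehash for storage without losing entropy: XOR the MD5 of each block
        onto the following block, cyclically, as the post describes."""
        b = bytearray(self.buf)
        nblocks = BUF_SIZE // BLOCK
        for i in range(nblocks):
            digest = hashlib.md5(b[i * BLOCK:(i + 1) * BLOCK]).digest()
            j = ((i + 1) % nblocks) * BLOCK
            for k in range(BLOCK):
                b[j + k] ^= digest[k]
        return bytes(b)
```

The block rehash is a bijection on the buffer (each step can be undone in reverse order), which is why it loses no entropy while still hiding the raw buffer contents on disk.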