[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

PRNG state (and conditioning) (was Re: netscape's response)

To: [email protected]
Subject: PRNG state (and conditioning) (was Re: netscape's response)
From: Carl Ellison <[email protected]>
Date: Thu, 21 Sep 95 10:28:46 EDT
Cc: [email protected]
Cc: [email protected]
In-Reply-To: "Jeff Weinstein"'s message of Wed, 20 Sep 1995 00:55:13 -0700 <[email protected]>
Sender: [email protected]

If you are looking for PRNG conditioning code, feel free to snarf code from

	http://www.clark.net/pub/cme/html/ranno.html

I'm assuming your new PRNG has enough state (more than 64 bits) that the
128-bit key (or later, larger keys) is worth its bits.

I'm assuming you solve the problem of finding enough entropy bits for
seeding the PRNG and considering how to keep as much of that entropy as
possible in your PRNG seed (rather than, for a silly example, distilling it
to an unsigned int for driving rand() ).

For example, the state in ranG (from the giveaway code) or in ranM may not
by itself lead to a secure PRNG, but when it drives a one-way function
(e.g., ranH, ranD, ranN) the state is still serving a purpose.  [ranG
keeps 186 bytes of state while ranM keeps 32KB of state.]

 - Carl

Prev by Date: Re: USA Today on Fear of Credit Cards over Net
Next by Date: Re: Export via FTP: who's to blame? Ask a court!
Prev by thread: Re: first virtual "security" (!!) (was Re: Security Flaw Is Discovered InSoftware Used in Shopping)
Next by thread: Re: [NOISE] "hacker" was: first virtual "security"
Index(es):
- Date
- Thread