[39761] in Cypherpunks


PRNG state (and conditioning) (was Re: netscape's response)

daemon@ATHENA.MIT.EDU (Carl Ellison)
Thu Sep 21 10:33:35 1995

Date: Thu, 21 Sep 95 10:28:46 EDT
From: Carl Ellison <cme@TIS.COM>
To: jsw@netscape.com
Cc: cme@TIS.COM
Cc: cypherpunks@toad.com
In-Reply-To: "Jeff Weinstein"'s message of Wed, 20 Sep 1995 00:55:13 -0700 <199509202031.NAA06951@comsec.com>

If you are looking for PRNG conditioning code, feel free to snarf code from

	http://www.clark.net/pub/cme/html/ranno.html

I'm assuming your new PRNG has enough state (more than 64 bits) that the
128-bit key (or later, larger keys) is worth its bits.

I'm assuming you solve the problem of finding enough entropy bits for
seeding the PRNG and considering how to keep as much of that entropy as
possible in your PRNG seed (rather than, for a silly example, distilling it
to an unsigned int for driving rand() ).

For example, the state in ranG (from the giveaway code) or in ranM may not
by itself lead to a secure PRNG, but when it drives a one-way function
(e.g., ranH, ranD, ranN) the state is still serving a purpose.  [ranG
keeps 186 bytes of state while ranM keeps 32KB of state.]

 - Carl
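As an added illustration of the two designs contrasted in the message above (a large pool driving a one-way function, versus the pool distilled to one unsigned int that drives a rand()-style generator). This is constructed example code, not the ranno code Carl links to; the pools, the LCG constants and the class name are assumptions made for the demonstration.

```python
import hashlib
import struct


class HashPRNG:
    """Keeps the whole entropy pool as state and emits output only through
    a one-way function, so a 128-bit key drawn from it can be worth its bits.
    Constructed illustration of the design in the message, not ranno code."""

    def __init__(self, pool: bytes):
        if len(pool) < 16:
            raise ValueError("pool must hold at least 128 bits of seed material")
        self.pool = pool      # full pool retained, never distilled to an int
        self.counter = 0      # makes successive outputs distinct

    def add_entropy(self, data: bytes) -> None:
        # Fold new material in through the hash; the pool is compressed to
        # 512 bits, still far more state than a 128-bit key needs.
        self.pool = hashlib.sha512(self.pool + data).digest()

    def key(self, nbytes: int = 16) -> bytes:
        out = b""
        while len(out) < nbytes:
            block = self.pool + struct.pack(">Q", self.counter)
            out += hashlib.sha256(block).digest()  # one-way: output reveals no state
            self.counter += 1
        return out[:nbytes]


def truncated_seed_key(pool: bytes, nbytes: int = 16) -> bytes:
    """The 'silly example': the pool is distilled to one 32-bit unsigned int
    and a rand()-style LCG is driven from it, so at most 2**32 keys exist."""
    x = int.from_bytes(pool[:4], "big")           # everything past 32 bits is lost
    out = b""
    while len(out) < nbytes:
        x = (1103515245 * x + 12345) & 0xFFFFFFFF  # classic LCG step (assumed constants)
        out += struct.pack(">I", x)
    return out[:nbytes]


def effective_key_bits(state_bits: int, key_bits: int) -> int:
    """A key can carry no more entropy than the state that produced it."""
    return min(state_bits, key_bits)


# Constructed pools: identical in the first 32 bits, different after that.
POOL_A = bytes.fromhex("0123456789abcdef" * 4)   # 256 bits of state
POOL_B = POOL_A[:4] + bytes([0xFF]) * 28

if __name__ == "__main__":
    print(truncated_seed_key(POOL_A) == truncated_seed_key(POOL_B))  # True: key space collapsed
    print(HashPRNG(POOL_A).key() == HashPRNG(POOL_B).key())          # False: pools kept distinct
```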
