From: norm@netcom.com (Norman Hardy)
Date: Tue, 17 Oct 95 17:29:46 PDT
To: "Martin Diehl" <cypherpunks@toad.com
Subject: Re: Using deterministic programs to select private RSA keys.
Message-ID: <aca9fb3f01021004b95f@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 10:38 AM 10/17/95, Martin Diehl wrote:
....
>     I suggest that if you capture the time in microseconds between
>     keystrokes and insert the least significant 8 bits between the
>     corresponding characters (i. e. <letter1> <time2 - time1> <letter2>
>     <time3 - time2> <letter3> ... <letter nnn> <time until double CR -
>     time nnn>) and MD5 the set of values, the resulting "random" value
>     will be different for both people who type different input texts as
>     well as those people who type the same input text.
....
Indeed, but the point of the proposal is a determinate and reproducible
program behavior so as to gain confidence that the output is correct by
comparing output of several programs.
....

>     As regards the observation that MD5 produces only a 128 bit result,
>     you could call MD5 after each nn values (at least 16) have been
>     entered.  In that way a few lines of input and associated timing
>     values could easily generate a value of the same order of magnitude as
>     the number  of 1K primes.
....
Sounds good.