1995-11-05 - Re: /dev/random - using up entropy?

Header Data

From: Wei Dai <weidai@eskimo.com>
To: Bill Stewart <stewarts@ix.netcom.com>
Message Hash: cad3fdd30c66f690f184b23cd4f11322d2a0d5ff16baffb9e5e1ffab4de5eec4
Message ID: <Pine.SUN.3.91.951104163531.19656J-100000@eskimo.com>
Reply To: <199511042352.PAA07554@ix4.ix.netcom.com>
UTC Datetime: 1995-11-05 01:10:47 UTC
Raw Date: Sun, 5 Nov 1995 09:10:47 +0800

Raw message

From: Wei Dai <weidai@eskimo.com>
Date: Sun, 5 Nov 1995 09:10:47 +0800
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: /dev/random - using up entropy?
In-Reply-To: <199511042352.PAA07554@ix4.ix.netcom.com>
Message-ID: <Pine.SUN.3.91.951104163531.19656J-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 4 Nov 1995, Bill Stewart wrote:

> Most of the designs I've seen look like this:
>         A Reservoir of entropy R = R1....Rn, where n is large, 1024 or 4096
>         An input stream I = I1....Ik, which is mixed into R
>         A mixing function F which is used to mix R <= F(R,I) 
>                 for some chunk of I, possibly empty.
>         A hash function H, typically MD5.
>         An output O = O1...Om = H(R), and E gets mixed after every output.
>                 (These are capital-o, not zero...)

I believe PGP uses this approach.  An implementation of it can also be
found in Crypto++ as randpool.cpp. 
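The reservoir / mixing-function / hash-output design quoted above, as an added toy implementation that is not from the thread, PGP or Crypto++ (the pool size, the XOR-in mixing step, the use of SHA-256 in place of MD5 and the entropy bit-count estimate are my own assumptions):

```python
import hashlib

BLOCK = hashlib.sha256().digest_size  # 32 bytes per reservoir block (assumption: SHA-256, not MD5)


class EntropyPool:
    """Constructed example of the design in the thread: R is the reservoir, add() is I mixed
    in by F, output() is O = H(R), and the pool is re-mixed after every output."""

    def __init__(self, size: int = 1024):
        if size % BLOCK:
            raise ValueError("pool size must be a multiple of the hash block size")
        self.pool = bytearray(size)   # R = R1 ... Rn, n = 1024 here
        self.pos = 0                  # write cursor into R
        self.estimated_bits = 0       # caller-supplied estimate of entropy held in R

    def _stir(self) -> None:
        # Mixing function F: rewrite every block as H(prev || block || index), so the whole
        # reservoir depends on every input and earlier pool states cannot be recovered.
        prev = bytes(self.pool[-BLOCK:])
        for i in range(0, len(self.pool), BLOCK):
            digest = hashlib.sha256(prev + bytes(self.pool[i:i + BLOCK]) + i.to_bytes(4, "big")).digest()
            self.pool[i:i + BLOCK] = digest
            prev = digest

    def add(self, data: bytes, entropy_bits: int = 0) -> None:
        # Input stream I: XOR bytes into R at the cursor (wrapping), then run F over R.
        for b in data:
            self.pool[self.pos] ^= b
            self.pos = (self.pos + 1) % len(self.pool)
        self._stir()
        self.estimated_bits = min(self.estimated_bits + entropy_bits, len(self.pool) * 8)

    def output(self, n: int) -> bytes:
        out = b""
        while len(out) < n:
            block = hashlib.sha256(bytes(self.pool)).digest()  # O = H(R)
            out += block
            self.add(block)  # mix after every output so the next H(R) differs; adds no entropy
        # Each byte handed out is charged against the estimate: this is the "using up" in the subject.
        self.estimated_bits = max(0, self.estimated_bits - n * 8)
        return out[:n]
```

Two pools fed identical input produce identical output, which is why the estimate matters: until enough unpredictable input has been mixed in, the output is only as secret as the inputs.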
