Cicero (cicero@redneck.efga.org)
16 Jul 1998 10:07:58 -0000
"William H. Geiger III" <whgiii@invweb.net> wrote:
>I think that the whole point of going with a RNG is due to the
>inadequacies of software based systems.

The reason that I advocate going with a PRNG is due to inadequacies in
RNGs.

A certain amount of "keying material", such as session keys, nonces,
... are required for crypto applications. Most platforms currently
do not have RNG chips. So I gather data which contains some entropy,
hash it, and seed a PRNG. A smart card might either not have room for
a RNG, or might not be able to afford its expense. The small device
would have its entropy seed loaded, and run off it until a reloading.

Even if I had a RNG whose manufacturer I trusted, how would I know it
was not defective, or that the maker, though honest, had not erred
either in design or in manufacture, or had degraded since manufacture?
I can read the source for my software PRNG.

>Using a RNG to seed a PRNG and you
>are still limited to the strength of the PRNG though better than using a
>PRNG without a RNG seed.

I would not consider using a PRNG without a RNG seed, and was not
advocating that.

You have pointed out a motivation for having a PRNG with a variable
size input. That would be an improvement. If I had that, I would not
need to hash my input.
Using a RNG only limits you to the strength of the RNG, which may be
difficult to assess.

Cicero
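As an added illustration, not Cicero's code nor anything posted in this thread, here is a Python sketch of the scheme the message describes: gather material that contains some entropy, hash it into a fixed-size seed, and run a software PRNG off that seed until it is reloaded. The PRNG is a simplified HMAC-SHA256 construction modelled on NIST's HMAC_DRBG; because it accepts seed material of any length, it is also an instance of the "variable size input" improvement mentioned above. The final function is a crude health check on raw RNG output (a bit-balance test and a stuck-value test), one partial answer to the question of how one would notice a defective RNG. The entropy sources, the prefix tags and the thresholds are illustrative assumptions, not anything the thread specifies.

```python
import hashlib
import hmac
import os
import time


def gather_entropy_samples():
    """Collect raw material from several sources (assumed, illustrative sources).

    The OS random device is the main source; the clock and pid add little
    entropy but demonstrate mixing several inputs before hashing.
    """
    return [os.urandom(32), time.time_ns().to_bytes(8, "big"),
            os.getpid().to_bytes(4, "big")]


def condition_seed(samples):
    """Hash gathered material into a 32-byte seed.

    Each sample is length-prefixed so that [b"a", b"b"] and [b"ab"] cannot
    collide by concatenation (a constructed convention for this example).
    """
    h = hashlib.sha256()
    for s in samples:
        h.update(len(s).to_bytes(4, "big"))
        h.update(s)
    return h.digest()


class HmacDrbg:
    """Minimal HMAC-SHA256 DRBG (simplified from NIST SP 800-90A HMAC_DRBG).

    Seed material may be any length; no separate hashing step is needed.
    """

    def __init__(self, seed_material):
        self.K = b"\x00" * 32
        self.V = b"\x01" * 32
        self._update(seed_material)
        self.generate_count = 0

    def _hmac(self, data):
        return hmac.new(self.K, data, hashlib.sha256).digest()

    def _update(self, provided=b""):
        # Mix provided data (if any) into the key K and state V.
        self.K = self._hmac(self.V + b"\x00" + provided)
        self.V = self._hmac(self.V)
        if provided:
            self.K = self._hmac(self.V + b"\x01" + provided)
            self.V = self._hmac(self.V)

    def reseed(self, seed_material):
        """The 'reloading' of the entropy seed described in the message."""
        self._update(seed_material)
        self.generate_count = 0

    def generate(self, n):
        """Return n pseudorandom bytes (e.g. a session key or nonce)."""
        out = b""
        while len(out) < n:
            self.V = self._hmac(self.V)
            out += self.V
        self._update()  # forward secrecy: old state not recoverable from K, V
        self.generate_count += 1
        return out[:n]


def raw_source_looks_defective(raw):
    """Crude health check on raw RNG output (assumed thresholds).

    Flags output whose one-bit fraction is far from 1/2, or that repeats
    the same byte 8 or more times in a row (a stuck or dead source).
    Passing this check does not prove the source is good; failing it
    means the source must not be trusted.
    """
    if len(raw) < 64:
        return True  # too little data to judge; treat as a failure
    ones = sum(bin(b).count("1") for b in raw)
    if not 0.4 <= ones / (8 * len(raw)) <= 0.6:
        return True
    longest = run = 1
    for prev, cur in zip(raw, raw[1:]):
        run = run + 1 if prev == cur else 1
        longest = max(longest, run)
    return longest >= 8


if __name__ == "__main__":
    raw = gather_entropy_samples()
    assert not raw_source_looks_defective(raw[0] + os.urandom(224))
    drbg = HmacDrbg(condition_seed(raw))
    print("session key:", drbg.generate(16).hex())
    print("nonce:      ", drbg.generate(12).hex())
```

The check in `raw_source_looks_defective` is deliberately weak: it catches a dead or stuck source, not a subtly biased or backdoored one, which is exactly why the message prefers a PRNG whose source can be read over trusting hardware whose internals cannot be inspected.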
The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:20:26 ADT