> (2) Memset the dtbuf
>   - loss of entropy
>   - no suppression file
>   - most likely compliant
>
In this case, we opted for a memset of the tail bytes in the timestamp buffer. According to the X9.31 spec, the security of the generator lies in the key, and not the timestamp. The timestamp is used to help ensure non-reuse of a security context. Also see http://crypto.stackexchange.com/q/634.

I have not been able to locate the X9.31 test vectors. I see them mentioned frequently; I just have not been able to locate the actual vectors. Once we have them in hand, we may know more about handling of the buffer or how to cope with a timestamp that is smaller than the block size.

The check-in was committed at https://github.com/weidai11/cryptopp/commit/76b2f9387d686ea4a880c820b4de0bca7214839c .

Jeff