-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Alright, I'm happy enough with it to shut up after this, so this is the
last time you'll hear me talk about it (with any luck).
The EntropyPool class is the same as before, but it has a second SHA-1
context used when random numbers are actually generated. The output of
the entropy pool is fed into this context, along with an incrementing
counter value. This allows the PRNG to peacefully degrade into practical
randomness even when entropy is low.
However, to prevent low entropy, there is a small, lowest priority thread
that activates when the entropy count falls below half the size of the
pool. It then begins calculating clock jitter, using the low-order three
bits as random information until the pool is full again. I'm reasonably
confident that this system, especially with more entropy collection points
in the server (any ideas?) would be strong enough for any of our purposes.
That said, keep in mind that those of you running on unix should probably
be using the RandFile random source pointing at /dev/urandom or the
EGD. But for those not so fortunate, this should be pretty darned good.
Scott
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE4/NrxpXyM95IyRhURArynAJsFi8ODoMpufRSOq44lHjXhij8/tACbB8eL
//CpwSm/0marA77j42BC2cw=
=tAbd
-----END PGP SIGNATURE-----
_______________________________________________
Freenet-dev mailing list
Freenet-dev at lists.sourceforge.net
http://lists.sourceforge.net/mailman/listinfo/freenet-dev
