Hi Zooko,

> Now I've learned that this is not true,
> neither for RandomPool nor for X917RNG.

RandomPool is based on PGP's Random Pool.

> ... use X917RNG by passing a correctly-sized array of
> zeroes for the "deterministic time vector" argument

If I recall correctly, ANSI 9.17 recognizes two sources: 3DES (E-D-E) and SHA1. In either case, I think the time variant is required.

> after a brief search I didn't see a block
> cipher with a sufficiently large (256-bit)

SHACAL-2 is 32 bytes, but I'm not sure how secure it is. I don't use it so I have not read up on it.

Jeff

On 3/13/08, zooko <[EMAIL PROTECTED]> wrote:
>
> Folks:
>
> I've continued to use and extend my "pycryptopp" library which
> provides a small subset of Crypto++ functionality to Python programmers.
>
> I've also set up a "trac" to manage pycryptopp. Trac is a
> combination of an issue tracker, revision control history, source
> code browser, and wiki:
>
> http://allmydata.org/trac/pycryptopp
>
> Notice the "Buildbot" button -- that takes you to the display of the
> results from automated unit tests.
>
> Recently I realized that my code which was intended to offer the user
> to deterministically generate a public/private key-pair from a secret
> seed was not working. I had assumed from the names that "Auto
> Seeded" RNGs drew from information outside of the explicit arguments
> and that therefore non "Auto Seeded" RNGs would be determined
> entirely by their arguments. Now I've learned that this is not true,
> neither for RandomPool nor for X917RNG. (So it would be good to
> augment the documentation to make it clear that the RandomPool and
> X917RNG both sample the clock by default.)
>
> So I started to use X917RNG by passing a correctly-sized array of
> zeroes for the "deterministic time vector" argument, but then I
> realized that the seed size is limited by the block size of the
> BlockTransformation, and after a brief search I didn't see a block
> cipher with a sufficiently large (256-bit) block size that I wanted
> to use.
> (It would be nice if there were a convenient way to specify
> "deterministic PRNG only, please" without having to construct a
> 32-byte array of zeroes.)
>
> I tried using SHA256, and then Salsa20, but of course they aren't
> BlockTransformations.
>
> So my next idea is to define my own BlockTransformation class which
> uses Salsa20 and pretends to have a block size of 32.
>
> Make sense?
>
> Thanks!
>
> Regards,
>
> Zooko

--
You received this message because you are subscribed to the "Crypto++ Users" Google Group.
To unsubscribe, send an email to [EMAIL PROTECTED]
More information about Crypto++ and this group is available at http://www.cryptopp.com.
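An added illustration of the property the thread is about, written for this page and not taken from the thread, from Crypto++ or from pycryptopp: a generator whose output is fixed entirely by the caller's seed, which is what seed-derived key-pair generation needs and what Zooko found RandomPool and X917RNG do not provide by default. The construction (HMAC-SHA256 over a label and a counter, in the style of HKDF expansion) and every name in it (`SeededByteGenerator`, `derive_keypair_seed`, `entropy_mixed_generator`) are this example's own choices, not Crypto++ APIs; `entropy_mixed_generator` only models the effect of an RNG that folds in outside entropy, not RandomPool's actual algorithm. Because HMAC takes a key of any length, the seed is not tied to a cipher block size the way X9.17's time vector is.

```python
import hashlib
import hmac
import secrets


class SeededByteGenerator:
    """Byte stream determined entirely by the caller's seed and label.

    Construction assumed for this example (it is not Crypto++'s X917RNG or
    RandomPool): block_i = HMAC-SHA256(key=seed, msg=label || counter_i).
    No clock or OS entropy is mixed in, so two instances built from the same
    seed and label emit identical streams.
    """

    def __init__(self, seed: bytes, label: bytes = b"example-drbg") -> None:
        if len(seed) < 32:
            raise ValueError("seed must carry at least 32 bytes of secret entropy")
        # HMAC accepts any key length, so the seed is not bound to a cipher
        # block size the way an X9.17 time vector is.
        self._seed = bytes(seed)
        self._label = bytes(label)
        self._counter = 0
        self._buffer = b""

    def _next_block(self) -> bytes:
        msg = self._label + self._counter.to_bytes(8, "big")
        self._counter += 1
        return hmac.new(self._seed, msg, hashlib.sha256).digest()

    def generate(self, n: int) -> bytes:
        """Return the next n bytes of the stream; how the caller chunks
        requests does not change the bytes produced."""
        while len(self._buffer) < n:
            self._buffer += self._next_block()
        out, self._buffer = self._buffer[:n], self._buffer[n:]
        return out


def derive_keypair_seed(master_seed: bytes, purpose: bytes) -> bytes:
    """32 bytes for one key pair, fixed by (master_seed, purpose) only, so the
    same pair can be regenerated later from the same secret."""
    return SeededByteGenerator(master_seed, b"keypair:" + purpose).generate(32)


def is_reproducible(seed: bytes, n: int = 64) -> bool:
    """Two generators built from the same seed must agree byte for byte."""
    return SeededByteGenerator(seed).generate(n) == SeededByteGenerator(seed).generate(n)


def chunking_is_transparent(seed: bytes) -> bool:
    """generate(10) + generate(22) must equal one generate(32)."""
    g1, g2 = SeededByteGenerator(seed), SeededByteGenerator(seed)
    return g1.generate(10) + g1.generate(22) == g2.generate(32)


def entropy_mixed_generator(seed: bytes) -> SeededByteGenerator:
    """Model of the behaviour the thread complains about: fresh OS entropy is
    folded into the seed, so the stream can no longer be reproduced from the
    seed alone. (A model of the effect only, not RandomPool's algorithm.)"""
    mixed = hashlib.sha256(seed + secrets.token_bytes(32)).digest()
    return SeededByteGenerator(mixed)


def is_nondeterministic(seed: bytes, n: int = 64) -> bool:
    """With outside entropy mixed in, two runs from one seed disagree."""
    return entropy_mixed_generator(seed).generate(n) != entropy_mixed_generator(seed).generate(n)


if __name__ == "__main__":
    # Constructed seed for the demo; a real one comes from a secret store.
    demo_seed = bytes(range(32))
    print("reproducible:", is_reproducible(demo_seed))
    print("chunking transparent:", chunking_is_transparent(demo_seed))
    print("entropy-mixed reproducible:", not is_nondeterministic(demo_seed))
    print("signing key seed:", derive_keypair_seed(demo_seed, b"signing").hex())
```

The label argument is what keeps sub-seeds for different purposes (signing, encryption) independent even though they share one master seed; the `is_nondeterministic` check is the test Zooko's original code was missing, and is the kind of unit test worth wiring into a Buildbot so a change in the underlying RNG's seeding behaviour is caught rather than discovered in production.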
