JBS wrote:
>
> hal at finney.org wrote:
> >
> > JBS wrote, regarding Yarrow:
> > > The code measures the amount of time in between two real time clock
> > > ticks in terms of the number of iterations of a tight loop (closely
> > > approximates clock cycles).
> >
> > I wasn't aware that Yarrow did this.
>
> I think you may be right. I just looked at the Yarrow code and it isn't
> there. I know I remember seeing that technique used somewhere in code
> that was labeled as being derived from the Yarrow code, but I don't
> remember where it was (although I'm sure it wasn't Java).

The first place I saw that technique used was the free crypto library
from AT&T by Jack Lacy et al. I believe the idea for the loop jitter as
an entropy source came from Matt Blaze. This software is dated 1995.

SeedGenerator.java also does use the technique to initialize
SecureRandom, but perhaps other people have copied it as well. Here is
the comment block from there. Some of the techniques (particularly
grabbing system state) may be useful in the Freenet random class.

/**
 * <P> This class generates seeds for the cryptographically strong random
 * number generator.
 * <P> The seed is produced by counting the number of times the VM
 * manages to loop in a given period. This number roughly
 * reflects the machine load at that point in time.
 * The samples are translated using a permutation (s-box)
 * and then XORed together. This process is non linear and
 * should prevent the samples from "averaging out". The s-box
 * was designed to have even statistical distribution; it's specific
 * values are not crucial for the security of the seed.
 * We also create a number of sleeper threads which add entropy
 * to the system by keeping the scheduler busy.
 * Twenty such samples should give us roughly 160 bits of randomness.
 * <P> These values are gathered in the background by a daemon thread
 * thus allowing the system to continue performing it's different
 * activites, which in turn add entropy to the random seed.
 * <p> The class also gathers miscellaneous system information, some
 * machine dependent, some not. This information is then hashed together
 * with the 20 seed bytes.
 *
 * @version 1.7, 98/09/16
 * @author Joshua Bloch
 * @author Gadi Guy
 */

Hal
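
Added example, not part of the original message and not the JDK's SeedGenerator code: a sketch of the loop-counting sampler the comment block describes, with a rough min-entropy estimate so the "twenty samples, roughly 160 bits" figure can be checked on a given machine. The class name, the 1 ms period, the 2000-sample count and the use of SHA-256 in place of the s-box/XOR fold are all assumptions.

```java
import java.nio.ByteBuffer;
import java.security.MessageDigest;

// Added illustration; not the JDK SeedGenerator code. All names and constants are assumptions.
public class LoopJitterSample {

    // Count busy-loop iterations until the millisecond clock has advanced by periodMs.
    static int countLoops(long periodMs) {
        long end = System.currentTimeMillis() + periodMs;
        int n = 0;
        while (System.currentTimeMillis() < end) {
            n++;
        }
        return n;
    }

    // Most-common-value estimate of min-entropy, in bits per sample, over the low
    // byte of each count. It ignores correlation between successive samples, so
    // treat the result as an upper bound.
    static double minEntropyBits(int[] samples) {
        int[] freq = new int[256];
        int max = 0;
        for (int s : samples) {
            max = Math.max(max, ++freq[s & 0xff]);
        }
        return Math.log((double) samples.length / max) / Math.log(2.0);
    }

    public static void main(String[] args) throws Exception {
        int[] samples = new int[2000];
        ByteBuffer raw = ByteBuffer.allocate(4 * samples.length);
        for (int i = 0; i < samples.length; i++) {
            samples[i] = countLoops(1);
            raw.putInt(samples[i]);
        }
        double perSample = minEntropyBits(samples);
        System.out.printf("estimated min-entropy: %.2f bits per sample%n", perSample);
        System.out.printf("samples needed for 160 bits at that rate: %d%n",
                (long) Math.ceil(160.0 / Math.max(perSample, 0.01)));

        // Condition the raw counts with SHA-256 (a substitution for the s-box/XOR
        // fold in the comment block) before using them as seed material.
        byte[] seed = MessageDigest.getInstance("SHA-256").digest(raw.array());
        System.out.println("conditioned seed length: " + seed.length + " bytes");
    }
}
```

Run it on an idle machine and again under load; the per-sample estimate is what determines how many samples a seed actually needs.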
