So, if someone were to write software that could fix the PRNG problem for most users (in the long run), what would it look like?
I was thinking that it might look like:

1) A C library that "does the right thing" when compiled on most OSes and hardware, which can then be linked into OpenSSL and/or Java, to get access to "(at least computationally) unpredictable bits". This would involve /dev/*random and CryptGenRandom, whatever the OS provides.

2) Stuff for distro/kernel that seeds the kernel entropy pool (see dakarand).

3) A flexible, configurable RNG subsystem that allows combination of the best attributes of HWRNGs and CSPRNGs, perhaps by using combiners and sponge functions like Keccak (SHA-3). Could run in userland, sitting atop #1, or in kernel land. Haven't figured this out yet.

4) A virtual machine device driver that deals with the "seeding and restore" problem by either presenting a new API or pretending to be an existing HWRNG device (like the ones built into chips these days).

5) A system for distributing HWRNG bits across a data center.

Thoughts?

--
http://www.subspacefield.org/~travis/
Remediating... LIKE A BOSS
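Added example, not code from the poster or from any project named above: a small sketch of what items 1 and 3 look like in practice. The OS source stands in for "/dev/*random or CryptGenRandom, whatever the OS provides" (Python's os.urandom wraps those), and the combiner absorbs every source into a SHAKE-256 sponge (the Keccak family mentioned in item 3) and squeezes the requested output. The "stuck HWRNG" source is a constructed stand-in for a failed hardware generator, included to show that one bad input does not weaken the output as long as some other input is unpredictable. Names (CombinedRng, combine, os_source, stuck_source) are this example's own.

```python
import hashlib
import os
import struct
from typing import Callable, Sequence

# A source is a callable that returns n bytes it believes are unpredictable.
Source = Callable[[int], bytes]


def os_source(n: int) -> bytes:
    """The OS CSPRNG: /dev/urandom or getrandom() on Unix, the CNG generator on Windows."""
    return os.urandom(n)


def stuck_source(n: int) -> bytes:
    """Constructed stand-in for a broken HWRNG whose output is stuck at zero."""
    return b"\x00" * n


def combine(chunks: Sequence[bytes], out_len: int, domain: bytes = b"rng-combiner-v1") -> bytes:
    """Sponge combiner: absorb every chunk with a length prefix, then squeeze out_len bytes.

    Length-prefixing makes the absorbed string unambiguous, so (b"ab", b"") and
    (b"a", b"b") are distinct inputs. If any single chunk is unpredictable to an
    attacker, the squeezed output is unpredictable too; a chunk the attacker knows
    (or a stuck source) contributes nothing but also takes nothing away.
    """
    if out_len <= 0:
        raise ValueError("out_len must be positive")
    sponge = hashlib.shake_256()
    sponge.update(struct.pack(">I", len(domain)) + domain)
    sponge.update(struct.pack(">I", len(chunks)))
    for chunk in chunks:
        sponge.update(struct.pack(">I", len(chunk)) + chunk)
    return sponge.digest(out_len)


class CombinedRng:
    """Userland RNG subsystem sitting atop the OS source plus any extra sources."""

    def __init__(self, sources: Sequence[Source]):
        if not sources:
            raise ValueError("at least one source is required")
        self.sources = list(sources)

    def random_bytes(self, n: int) -> bytes:
        # Ask every source for a full n bytes so a weak source cannot shorten
        # the contribution of a strong one; a source returning too little is a
        # configuration error, not something to paper over silently.
        chunks = []
        for src in self.sources:
            chunk = src(n)
            if len(chunk) != n:
                raise RuntimeError(f"source {src.__name__} returned {len(chunk)} of {n} bytes")
            chunks.append(chunk)
        return combine(chunks, n)


def two_draws_differ(n: int = 32) -> bool:
    """Sanity check: with the OS source present, consecutive outputs differ even
    though the stuck source contributes the same zeros every time."""
    rng = CombinedRng([os_source, stuck_source])
    return rng.random_bytes(n) != rng.random_bytes(n)


if __name__ == "__main__":
    print(CombinedRng([os_source, stuck_source]).random_bytes(16).hex())
    print("outputs differ:", two_draws_differ())
```

The combiner is the only piece that needs care: it must be a well-defined function of all inputs (hence the length prefixes and domain string), and callers should feed it raw source output rather than anything already mixed with state an attacker could observe. Whether it runs in userland or in the kernel is then a packaging question, which matches the split the post describes.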
RNG mailing list
[email protected]
http://lists.bitrot.info/mailman/listinfo/rng
