Re: generating a nonce
- From: "Antony Clements" <antony.clements@xxxxxxxxxxxxxxx>
- Date: Tue, 7 Nov 2006 09:22:56 +1100
"Sebastian Gottschalk" <seppi@xxxxxxxxx> wrote in message
news:4r8gpbFq0ap4U1@xxxxxxxxxxxxxxxxx
Phil Carmody wrote:
"Antony Clements" <antony.clements@xxxxxxxxxxxxxxx> writes:
is this a good way to generate a nonce?
generate a number using VB rng, xor with date and time then run it
through a secure rng?
What do you mean by "run it through a secure rng"?
Note that VB's PRNG is pretty predictable, and the date is pretty predictable too.
And XORing them together is only about averaging their entropies.
i'm generating a number between 1 and 3, then a case select generates a number
case 1:
Seed = Int(26 * Rnd + 65)
case 2:
Seed = Int(26 * Rnd + 97)
case 3:
Seed = Int(10 * Rnd + 48)
then generating a random number
number = Rnd(Seed) * 2 ^ 31
then i take the result of number mod seed and xor date, then take that
result and xor time and then use that number for a seed of a cryptographic
rng that i found some source code for called KCI that was devised by George
Marsaglia and Arif Zaman in 1987.
passkey(0) = PRNG.Rnd(1, number)
the documentation that came with it says that it passes all tests and has a
period of 2^144, is a combination of Fibonacci sequence and operation with
randomly selected lags ([17,5] [33,13] [39,14] [52,24] [63,31] [73,25]
[97,33] [607,273]) and can produce 900 million different sequences with each
subsequence having a length of approximately 10^30.
so is it still secure? and if so how secure?
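
Added example, not part of the original post or thread: a Python model of the seed derivation described above, counting how many distinct values can reach the second generator's seed when the generation time is known to within a window, next to a nonce drawn from the OS CSPRNG. Assumptions: the date is modelled as a whole-day count and the time as whole seconds since midnight; VB's own Date coercion and Rnd stream are not reproduced, and all function names are hypothetical.

```python
import math
import secrets
from datetime import date, datetime, timedelta

# The three ranges the post draws its first value from:
# Int(26*Rnd+65), Int(26*Rnd+97), Int(10*Rnd+48)
SEED_VALUES = list(range(65, 91)) + list(range(97, 123)) + list(range(48, 58))

# Constructed sample timestamp (taken from the post's Date header).
SAMPLE_TS = datetime(2006, 11, 7, 9, 22, 56)


def day_number(ts):
    # Assumption: date as a whole-day count from 1899-12-30.
    return (ts.date() - date(1899, 12, 30)).days


def second_of_day(ts):
    # Assumption: time as whole seconds since midnight.
    return ts.hour * 3600 + ts.minute * 60 + ts.second


def candidate_seeds(ts, clock_skew_s=0):
    """Every value (number mod Seed) xor date xor time can take when the
    generation time is known to within +/- clock_skew_s seconds."""
    # number mod Seed lies in [0, Seed-1] whatever the 31-bit number was.
    residues = set()
    for seed in SEED_VALUES:
        residues.update(range(seed))
    out = set()
    for delta in range(-clock_skew_s, clock_skew_s + 1):
        t = ts + timedelta(seconds=delta)
        mask = day_number(t) ^ second_of_day(t)
        out.update(r ^ mask for r in residues)
    return out


def seed_entropy_bits(ts, clock_skew_s=0):
    # Upper bound on the entropy reaching the second generator's seed.
    return math.log2(len(candidate_seeds(ts, clock_skew_s)))


def csprng_nonce(nbytes=16):
    # 128-bit nonce straight from the operating system's CSPRNG.
    return secrets.token_bytes(nbytes)


if __name__ == "__main__":
    print(len(candidate_seeds(SAMPLE_TS)), seed_entropy_bits(SAMPLE_TS))
    print(csprng_nonce().hex())
```

Under these assumptions the second generator can only be started in as many states as there are candidate seeds, regardless of its period.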