Re: [Monotone-devel] nvm.stripped versus botan
From: Zack Weinberg
Subject: Re: [Monotone-devel] nvm.stripped versus botan
Date: Wed, 21 Jan 2009 15:18:34 -0800
On Wed, Jan 21, 2009 at 2:19 PM, Thomas Moschny <address@hidden> wrote:
>> Also, do we really need cryptographic entropy in mkstemp.cc?
>
> Why can't we simply re-use the RNG object?
No access to app_state from Lua extension functions.
> Really, I don't think we should implement another pseudo random
> number generator ourselves. Basically it won't ever be properly reviewed.
Well, I *did*, but I take this criticism seriously. I picked an
algorithm that I think has the minimal properties we need for this and
that got a reasonable amount of peer review, but it's kind of awkward:
Mersenne Twister is so good that people seem to have stopped
researching PRNGs with a *small* amount of state, which is annoying
when you cannot reasonably supply more than a few tens of bits of
seed.
My inclination is to leave that for now and bug Jack more about being
able to create lighter-weight RNG objects, so that it wouldn't hurt so
much to create one. This would tie in to what I said earlier in this
thread about specifying what purpose one needs randomness for -- there
is no point in going to high-quality system entropy sources for a
30-bit nonce in a file name, but if the Botan API exposed a cheap
thing that (for instance) took a bunch of high-resolution timer
samples and ran them through Fortuna, I'd totally use that.
zw