2004-10-03 14:19:48 UTC
I want to build a random number generator by sampling an external
source of entropy. I read somewhere on the net that sampling an entropy
source does not necessarily give random data. Generally, the sampled
entropy must be "blended" with a strong HASH function. Let's say I choose
MD5 as the hash function (I know MD5 is not reputed to be as secure as SHA
for signatures, but it's quite ok for my purpose).
What's the best way to combine my entropy sampling and the HASH function?
I thought of this; tell me if you see any problem:
a) Sample 128 bits of the entropy source
b) "MD5" it
c) output the 128-bit MD5 result as the random value
d) goto a)
Is it "good" for randomness? What is the improvement if I repeat step b)
several times on its own output?
Second question: as my sampling process is quite slow (as is often the
case with sampling), do you think it's ok for a "crypto secure" random
generator to do this:
a) Sample 128 bits of the entropy source
begin a loop of, say, 4 passes
b) MD5 it
c) output 128 bits
end of loop
So I generate 128*4 = 512 bits of random numbers with only 128 bits of
What do you think of that idea?
Generally, how does a "cryptographic" secure random generator work (more
precisely, how is the entropy sampling mixed with the HASH function
Thanks in advance,
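An added example, not code from the post: it implements both schemes described above as plain Python functions (using only hashlib; the 128-bit sample value is constructed, and the hash algorithm is a parameter defaulting to MD5 to match the post) and, for comparison, a minimal hash-based generator that keeps a hidden internal state, a per-block counter and a reseed step, loosely in the spirit of NIST's Hash_DRBG rather than an implementation of it. Running it shows that re-hashing one 128-bit sample any number of times yields a value fully determined by those 128 bits, that in the four-pass loop each output block is simply the hash of the previous block, and how separating the secret state from what is output avoids that property.

```python
import hashlib

# Constructed 128-bit sample standing in for one read of the entropy source.
SAMPLE_128 = bytes.fromhex("00112233445566778899aabbccddeeff")


def iterated_hash(data: bytes, rounds: int, algo: str = "md5") -> bytes:
    """Scheme one with step b) repeated `rounds` times on its own output.
    The result is a deterministic function of `data`, so extra rounds cannot
    add entropy beyond what `data` carried; they only cost time."""
    out = data
    for _ in range(rounds):
        out = hashlib.new(algo, out).digest()
    return out


def chained_outputs(sample: bytes, passes: int, algo: str = "md5") -> list:
    """Scheme two taken literally: hash, output, hash the output again.
    Each block is the hash of the block before it, so the whole stream is
    fixed as soon as the first block is known."""
    blocks = []
    state = sample
    for _ in range(passes):
        state = hashlib.new(algo, state).digest()
        blocks.append(state)
    return blocks


def condition(samples: list, algo: str = "sha256") -> bytes:
    """The 'blending' step: compress many (possibly biased) raw samples into
    one fixed-size seed. The raw samples themselves are never output."""
    h = hashlib.new(algo)
    for s in samples:
        h.update(len(s).to_bytes(4, "big") + s)  # length prefix, no ambiguity
    return h.digest()


class HashDRBG:
    """Hypothetical minimal hash-based generator: hidden state, a counter that
    makes every output block distinct, domain labels so the output hash and
    the state-update hash can never collide, and reseeding that mixes new
    entropy into the old state instead of replacing it."""

    def __init__(self, entropy: bytes, algo: str = "sha256"):
        self.algo = algo
        self.counter = 0
        # The state is derived from the seed; the seed itself is never output.
        self.state = hashlib.new(algo, b"seed" + entropy).digest()

    def reseed(self, entropy: bytes) -> None:
        # Mixing (rather than overwriting) means a poor sample cannot make the
        # state weaker than it already was.
        self.state = hashlib.new(self.algo, b"reseed" + self.state + entropy).digest()

    def generate(self, nbytes: int) -> bytes:
        out = b""
        while len(out) < nbytes:
            self.counter += 1
            ctr = self.counter.to_bytes(8, "big")
            # Output block = H("out" || state || counter); the state stays hidden.
            out += hashlib.new(self.algo, b"out" + self.state + ctr).digest()
        # Advance the state one-way so earlier output cannot be recomputed
        # from a later snapshot of the generator.
        self.state = hashlib.new(self.algo, b"update" + self.state).digest()
        return out[:nbytes]


if __name__ == "__main__":
    blocks = chained_outputs(SAMPLE_128, 4)
    print("scheme 2: block[1] == md5(block[0]) ->",
          blocks[1] == iterated_hash(blocks[0], 1))
    g = HashDRBG(condition([SAMPLE_128, b"second constructed sample"]))
    print("drbg output:", g.generate(32).hex())
```

Two instances seeded with the same 128-bit sample produce the same 512-bit stream, which is the quantitative answer to the second question: the loop stretches the sample, it does not add entropy. The generator differs from the literal loop in that the output blocks are hashes of a state that is never revealed, so one block gives no direct handle on the next.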