PRNG i GMP
Torbjörn Granlund
tg at gmplib.org
Tue Apr 16 10:19:28 UTC 2019
Pedro Gimeno <gmpdevel at formauri.es> writes:
> Anyway, that brings up another point: how would seeding work? Should
> the seed be used verbatim, like, should the first N bits of the seed be
> used directly as a key? Should some bits of the key be reserved,
> e.g. for a counter, in case we decide in future to re-key?
My idea is to use the first up to 128 seed bits for the key, and any
remaining up to 128 bits for a counter initialisation.

That can consume up to 256 bits of seed data (if AES-128 is used). It
might be considered rude to drop seed data, so one might perform some
reduction operation to bring larger seeds down to 256 bits.
--
Torbjörn
Please encrypt, key id 0xC8601622
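The seeding layout Torbjörn sketches above, written out as a runnable example. This is added illustration code, not GMP's implementation or anything from the gmp-devel thread; Go is used because its standard library ships AES-CTR. Two details the post leaves open are filled in as labelled assumptions: "first" seed bits are taken to mean the low-order bits (so a seed shorter than 128 bits is used whole as the key with a zero counter), and the unspecified "reduction operation" for seeds wider than 256 bits is SHA-256 of the seed's magnitude. The names `reduceSeed`, `splitSeed`, `ctrRng` and `newCtrRng` are this example's own.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"math/big"
)

// Layout described in the post: up to 128 seed bits become the AES-128 key,
// up to 128 further bits initialise the CTR counter, 256 bits in total.
const (
	keyBits     = 128
	counterBits = 128
	maxSeedBits = keyBits + counterBits
)

// reduceSeed brings a seed wider than 256 bits down to 256 bits so that no
// seed data is silently dropped. The post only asks for "some reduction
// operation"; hashing the big-endian magnitude with SHA-256 is an
// assumption made for this example, not a GMP design decision.
func reduceSeed(seed *big.Int) *big.Int {
	s := new(big.Int).Abs(seed) // an mpz seed may be negative; use its magnitude
	if s.BitLen() <= maxSeedBits {
		return s
	}
	sum := sha256.Sum256(s.Bytes())
	return new(big.Int).SetBytes(sum[:])
}

// splitSeed derives the AES-128 key and the 128-bit initial counter.
// Assumption: "first" bits are the low-order bits, so a seed shorter than
// 128 bits is used whole as the key and the counter starts at zero.
func splitSeed(seed *big.Int) (key, counter [16]byte) {
	s := reduceSeed(seed)
	mask := new(big.Int).Lsh(big.NewInt(1), keyBits)
	mask.Sub(mask, big.NewInt(1))                      // 2^128 - 1
	new(big.Int).And(s, mask).FillBytes(key[:])        // low 128 bits -> key
	new(big.Int).Rsh(s, keyBits).FillBytes(counter[:]) // bits 128..255 -> counter
	return key, counter
}

// ctrRng is the resulting generator: AES-128 applied to an incrementing
// 128-bit counter, with the keystream returned as raw output bytes.
type ctrRng struct {
	stream cipher.Stream
}

func newCtrRng(seed *big.Int) (*ctrRng, error) {
	key, counter := splitSeed(seed)
	block, err := aes.NewCipher(key[:])
	if err != nil {
		return nil, err
	}
	// cipher.NewCTR increments the whole 16-byte block big-endian, so the
	// counter bytes derived above act as the initial counter value.
	return &ctrRng{stream: cipher.NewCTR(block, counter[:])}, nil
}

// Bytes returns the next n output bytes. XORing the keystream into a
// zeroed buffer yields the keystream itself.
func (r *ctrRng) Bytes(n int) []byte {
	out := make([]byte, n)
	r.stream.XORKeyStream(out, out)
	return out
}

func main() {
	// Constructed seed: 200 bits wide, so 128 bits go to the key and the
	// remaining 72 bits initialise the counter.
	seed := new(big.Int).Lsh(big.NewInt(1), 200)
	seed.Or(seed, big.NewInt(7))
	key, counter := splitSeed(seed)
	fmt.Printf("key     %s\ncounter %s\n", hex.EncodeToString(key[:]), hex.EncodeToString(counter[:]))
	rng, err := newCtrRng(seed)
	if err != nil {
		panic(err)
	}
	fmt.Printf("output  %s\n", hex.EncodeToString(rng.Bytes(16)))
}
```

Because the split is a fixed bit layout, the same seed always yields the same key, counter and output stream, which is the reproducibility a seeded PRNG interface needs; the hash step only engages for seeds wider than 256 bits, so seeds up to that width map to the key and counter one-to-one.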