Aha! Thank you! I'm working on producing a module for that code that can provide a drop-in replacement to the default rand(). I will probably publish it in the Monastery first, then work on submitting to CPAN (which will be a new experience for me, and so might take some time).
As I mention in my new update to the parent node, however, I also need a cross-platform (at least *NIX and Win) method to generate a seed. For ISAAC specifically, I would want at least one and no more than 256 32-bit values with which to seed the PRNG. Any thoughts?
Yoda would agree with Perl design: there is no try{}
Not sure how best to seed if you can't rely on /dev/random. I've seen a colleague on Mac trying to generate an ssh (or maybe PGP) key and being required to "type randomly for long enough" to generate random bits for security; not sure what application that was though.
So maybe the thing you need to look at is the device driver code for /dev/random. Everything2 has some interesting information about what it does, and for Linux the source should be in drivers/char/random.c.
Hugo
I like the idea, but I don't think it is sufficient; I can't guarantee, in a cross-platform way, where to find a set of files that changes fast enough.
What if someone uses this module as a PRNG to generate a single random password in a script -- but that script is called very quickly on a high-volume web server? I can find fast-changing files on Windows and Linux, but what about other platforms?
Also, the idea of using 'random' bytes from a 'random' file when I don't yet have a seed for a random-number generator seems like a bit of a chicken-and-egg problem, don't you think? ;-)
Yoda would agree with Perl design: there is no try{}
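One way to gather the 1 to 256 32-bit seed values asked for above, as an added example that is not code from any poster in this thread. The function name `isaac_seed_words` is hypothetical, and the choice of `/dev/urandom` plus the CPAN module Crypt::URandom (assumed to be installed where no such device exists, for example on Windows) is this example's assumption. It fails closed instead of falling back to time or PID, which is what would collide when a script is called very quickly on a busy web server.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical helper: return $count 32-bit seed words (1..256, the range
# given for ISAAC in the thread) taken from an OS entropy source, or die.
sub isaac_seed_words {
    my ($count) = @_;
    $count = 256 unless defined $count;
    die "seed word count must be 1..256\n"
        unless $count =~ /\A[0-9]+\z/ && $count >= 1 && $count <= 256;

    my $need  = 4 * $count;    # bytes required
    my $bytes = '';

    # Non-Windows: read the kernel generator through /dev/urandom.
    if ($^O ne 'MSWin32' && open(my $fh, '<:raw', '/dev/urandom')) {
        while (length($bytes) < $need) {
            my $got = read($fh, $bytes, $need - length($bytes), length($bytes));
            die "read from /dev/urandom failed: $!\n" unless defined $got;
            last if $got == 0;    # unexpected EOF, caught by the length check
        }
        close $fh;
    }
    # Otherwise: Crypt::URandom (assumed installed), which wraps the
    # platform's own generator.
    elsif (eval { require Crypt::URandom; 1 }) {
        $bytes = Crypt::URandom::urandom($need);
    }

    # Fail closed: a time- or PID-based fallback would repeat across
    # processes started in the same instant.
    die "no OS entropy source available; refusing to seed from time or PID\n"
        unless length($bytes) == $need;

    return unpack("N$count", $bytes);    # big-endian unsigned 32-bit words
}

# Constructed usage: seed material for two runs started back to back.
my @a = isaac_seed_words(8);
my @b = isaac_seed_words(8);
printf "run A: %s\n", join ' ', map { sprintf '%08x', $_ } @a;
printf "run B: %s\n", join ' ', map { sprintf '%08x', $_ } @b;
die "identical seeds from consecutive calls\n" if "@a" eq "@b";
```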