Cryptographically strong random number generation.
To be cryptographically strong, it must be difficult to determine the
RNG's output, whether in the future or the past. This is done
by using encryption algorithms to "stir" the random data.
Originally AMK's but modified by Bryan Mongeau to use sha256 and
AES as part of the CryptKit suite.
Entropy estimates are no longer kept due to their imperfect
estimation of the real entropy accumulated.
Methods
|
|
__init__
addBytes
getBytes
getInt
stir
useURandom
|
|
__init__
|
__init__ ( self, numbytes=256 )
Numbytes is the size of the random pool.
The random pool is initially constructed with
succesive time hashes. /dev/urandom existence
is tested and used if available. Finally a call
to stir() ensures at least somewhat entropic data.
For real crypto applications, add entropic events
directly by calling addBytes()
|
|
addBytes
|
addBytes ( self, s )
XORs the contents of the string S into the random pool
|
|
getBytes
|
getBytes ( self, N=32 )
Return N bytes of random data, 32 being the default.
|
|
getInt
|
getInt ( self )
Return a random integer.
|
|
stir
|
stir ( self )
Critical function for ensuring the entropic
quality of the random pool in a Yarrow-esque
fashion. Proceeds as follows:
Adds the time to the random pool.
Taps /dev/urandom if available and adds
it to the random pool.
Creates a stir "token". The token is a hash
of the random pool and the two running counters.
Adds the token to the random pool.
Encrypts the entire pool with AES using the token
as the encryption key. Uses CBC mode to chop things
up with the first 16 bytes of the token as the
initialization vector.
Calling this function is relatively cheap on the
cycles but remember that for real security, you
must add other entropic events using addBytes().
|
|
useURandom
|
useURandom ( self )
If /dev/urandom is present on a given platform,
we would be stupid not to use it. Grabs bytes and
adds them to the pool.
|
|