[Cryptography] Use process ID in mixing?

John Denker jsd at av8n.com
Wed Mar 19 13:51:50 EDT 2014

On 03/19/2014 04:50 AM, Sandy Harris wrote:

> Is it worth doing?

WYTM?  What's the problem you're trying to solve?

I can think of three cases, from worst to best:

1) If the PRNG has never been properly seeded, that's a big
problem, and mixing in the PID and/or RTC is nowhere near 
sufficient to solve the problem.

2) If the PRNG was properly seeded once upon a time, by far 
the most serious threat is a replay.  Stirring in the RTC
provides considerable protection against this, although it 
is far from ideal.  Stirring in the PID does not impress me, 
because there are too many ways that the PID could be replayed 
along with everything else.

3) If the PRNG is not being replayed, i.e. if the PRNG state
has not been reset to a previous value, then normal operation
of the PRNG should be very very strong, and no amount of
mixing in other stuff (RTC or PID or whatever) will make it
any stronger.

  If you are worried that the PRNG is not strong in normal
  operation, throw it out and get a better one.  We know
  how to make a PRNG that is /at least/ as strong as other
  crypto primitives that we utterly depend on (i.e. hashes
  and block ciphers).

More information about the cryptography mailing list