[Cryptography] [RFC] random: add new pseudorandom number generator

Peter Gutmann pgut001 at cs.auckland.ac.nz
Tue Oct 5 00:18:04 EDT 2021


Roland C. Dowdeswell <elric at imrryr.org> writes:

>But, then it occurred to me that maybe you shouldn't throw away 64 perfectly
>good bits for each operation, why not feed them back into the routine?

Even better, you could just feed each block back into the cipher.  It'd have
the effect of chaining the blocks together, so you could call it something
like... oh, I dunno, chained cipher blocks.

This would also deal with the fact that a single glitch in your counter would
break a pure-CTR PRNG.

Peter.
