[Cryptography Team] Fortuna
Ron Teitelbaum
Ron at USMedRec.com
Sun Oct 22 20:43:26 UTC 2006
Hi Chris!
How are you doing? I knew that you improved secure random, and had
mentioned the need for adding the accumulator. Is there more in KryptOn in
terms of PRNG that is not already included in SecureRandom? I will spend
some time looking at KryptOn to see if there is stuff that could be useful
our overall platform in the Cryptography package. Your suggestions are
welcome!
Many of the ideas in Practical Cryptography especially keeping secrets -
Data retention by Memory 9.3.4 using Fortuna (with a proper accumulator) as
a PRNG seem to be quite sufficient ways to protect Secure Channel keys on a
client machine. Even knowing how it all works, I would think it would be
very difficult for me to break the code, unless I was able to introduce new
code into the running system. So if we can solve the problem of introducing
new code, and we could add Fortuna and some of the requirements Practical
Cryptography for protecting secrets I would think we are a long way towards
making a very secure channel implementation for a client system.
I hope that you will consider helping out with all this!
Nice to hear from you!
Ron
> -----Original Message-----
> From: cryptography-bounces at lists.squeakfoundation.org
> [mailto:cryptography-bounces at lists.squeakfoundation.org] On Behalf Of
> Chris Muller
> Sent: Saturday, October 21, 2006 12:13 PM
> To: cryptography at lists.squeakfoundation.org
> Subject: [Cryptography Team] Fortuna
>
> > PRNG I plan to work on Bruce's FORTUNA implementation for squeak.
>
> Hi, KryptOn is an all-Smalltalk implementation of purely the ideas in
> Practical Cryptography. I have already implemented the Fortuna generator
> as specified in Chapter 10 (via AES in Bruce's preferred CTR mode).
>
> Perhaps you would like to do the accumulator?
>
> - Chris
>
>
>
> _______________________________________________
> Cryptography mailing list
> Cryptography at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography
More information about the Cryptography
mailing list