[Cryptography Team] configurable random number generator

Robert Withers robert.withers at pm.me
Fri Aug 21 10:42:22 UTC 2020


+1 Sounds great to me, Chris! Great to see traffic! It looks like a 
change to Diffie Hellman and the RSA/DSA Keys, as far as ParrotTalk is 
concerned.

K, r

On 8/21/20 1:01 AM, Chris Muller wrote:
> Hi all, I would like to make Fortuna the default secure random number
> generator in Squeak.  I like using it because its implementation is so
> simple and utilizes another crypto primitive which I trust, a 256-bit
> AES cipher in counter (CTR) mode to generate the random stream.
>
> If it interests you, please take a look at
> CryptographyRandom-cmm.14.mcz, and let me know your thoughts.  I'll
> plan on committing the remaining senders in a few days.
>
>   - Chris
> _________________________________
> Name: CryptographyRandom-cmm.14
> Author: cmm
> Time: 20 August 2020, 11:45:55.957918 pm
> UUID: 8fa45a8b-cbb5-43be-8367-adcf78503be2
> Ancestors: CryptographyRandom-ul.13
>
> - Introduce RandomGenerator class>>#newSecureRandom to allow
> configuration of a preferred secure random number generator.  To set
> this to SecureRandom, execute:
>
> RandomGenerator picker: SecureRandom withGeneratedKey
>
> otherwise, it will default to the Fortuna generator.  Fortuna relies
> on 128-bit AES for its security, reducing security-sapping complexity.
> - Re-bolster #unpredictableStringsDo:.  Chasing Pharo compatibility
> resulted in a too-significant cut to its security, with only time
> elements in there (which appear relatively easily brute-forceable).  It
> utilizes the new primitive Random gatherEntropyInto: in combination
> with some of its original sources, in case the primitive fails or is
> compromised.
> _______________________________________________
> Cryptography mailing list
> Cryptography at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography
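
The seeding approach the commit message describes for #unpredictableStringsDo: (an entropy primitive combined with older sources in case the primitive fails or is compromised), sketched as an added example in Python rather than Squeak. It is not code from CryptographyRandom-cmm.14; the function names, the dead-buffer check and the list of fallback sources are assumptions made for illustration.

```python
import hashlib
import os
import time


def os_entropy(n=32):
    # Stand-in for the platform entropy primitive (assumed name).
    return os.urandom(n)


def fallback_sources():
    # Weaker sources kept as a safety net; this list is constructed for the
    # example and is not the set Squeak uses.
    yield time.time_ns().to_bytes(8, "big")
    yield time.perf_counter_ns().to_bytes(8, "big")
    yield os.getpid().to_bytes(8, "big")
    yield id(object()).to_bytes(8, "big")


def looks_dead(buf):
    # An empty or single-valued buffer suggests the primitive never filled it.
    return len(buf) < 16 or len(set(buf)) == 1


def gather_seed(primitive=os_entropy):
    """Return (32-byte seed, primitive_ok). Never relies on one source alone."""
    h = hashlib.sha256()
    primitive_ok = False
    try:
        buf = primitive()
        primitive_ok = not looks_dead(buf)
    except OSError:
        buf = b""
    # Length-prefix each input so distinct source lists cannot collide.
    for chunk in (buf, *fallback_sources()):
        h.update(len(chunk).to_bytes(4, "big") + chunk)
    return h.digest(), primitive_ok


if __name__ == "__main__":
    seed, ok = gather_seed()
    print(seed.hex(), "primitive ok:", ok)
```

When `primitive_ok` is false the seed rests on the time-dominated sources alone, so a caller should surface that condition rather than proceed silently.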


