Hi Robert,

Nice to see you!

Looks interesting I know that Chris did something gathering sources of entropy.  Seems like the more the better.  Could you just make the entropy sources optional such that if they exist we use them?  I would have to go back and see what Chris did but he was following suggestions from Schneider in his secureRandom.

All the best,

Ron Teitelbaum

> -----Original Message-----
> From: Pharo-dev [mailto:pharo-dev-bounces at lists.pharo.org] On Behalf Of
> Robert Withers
> Sent: Sunday, October 18, 2015 5:00 AM
> To: The general-purpose Squeak developers list; Pharo Development List
> Subject: Re: [Pharo-dev] [Cryptography port to Pharo] RandomGenerator
> class>>unpredictableStringsDo:
> 
> I'm sorry, I forgot the code. I list the existing method, followed by my
> modified Pharo method below. I welcome any feedback.
> 
> Regards,
> Robert
> 
> ---
> Existing:
> unpredictableStringsDo: aBlock
> 	"Enumerate sources of information from my environment that
> should be generally hard to guess."
> 	| time |
> 	time := Time millisecondsToRun:
> 		[ aBlock
> 			value: World imageForm bits compressToByteArray ;
> 			value: Sensor mousePoint x asString ;
> 			value: Sensor mousePoint y asString ;
> 			value: Time millisecondClockValue asByteArray ;
> 			value: Date today asString ;
> 			value: Time now asString ;
> 			value: Display extent asString.
> 		100 timesRepeat: [ aBlock value: UUID new ].
> 		#(vmVersion platformName primVmPath imageName
> platformSubtype datedVersion lastQuitLogPosition vmStatisticsReportString
> imageName)
> collect:
> 			[ : each |
> 			aBlock value: (SmalltalkImage current perform: each)
> asByteArray ] ].
> 	aBlock
> 		value: time asByteArray;
> 		"maybe the pointer has moved, hit it again."
> 		value: Sensor mousePoint asString ;
> 		value: Time millisecondClockValue asByteArray
> 
> ---
> Pharo port:
> unpredictableStringsDo: aBlock
> 	"Enumerate sources of information from my environment that
> should be generally hard to guess."
> 
> 	| time |
> 	time := Time millisecondsToRun:
> 		[ aBlock
> 			value: Time millisecondClockValue asByteArray ;
> 			value: Date today asString ;
> 			value: Time now asString.
> 		100 timesRepeat: [ aBlock value: UUID new ].
> 		#(version primImagePath imagePath datedVersion
> lastQuitLogPosition)
> collect:
> 			[ : each |
> 			aBlock value: (SmalltalkImage current perform: each)
> asByteArray ] ].
> 	aBlock
> 		value: time asByteArray;
> 		value: Time millisecondClockValue asByteArray
> 
> 
> On 10/18/2015 04:23 AM, Robert Withers wrote:
> > This is a message intended for anyone who was on the Cryptography team.
> > I recently ported it to Pharo and had to make changes to
> RandomGenerator
> > class>>unpredictableStringsDo:. This certainly removed some uncertainty
> > from the results of this message. My question is what should I do about
> > that? This method seems to require non-headless, as it is checking the
> > mouse point and such. This being a crypto cornerstone, what the best
> > answer here.
> >
> > Thank you,
> > Robert