%%% -*-latex-*-
%%%
-%%% $Id: rand.tex,v 1.2 1999/10/12 21:00:34 mdw Exp $
+%%% $Id: rand.tex,v 1.4 2004/04/08 01:36:15 mdw Exp $
%%%
%%% Description of Catacomb's random number generator
%%%
%%% Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
%%% MA 02111-1307, USA.
-%%%----- Revision history ---------------------------------------------------
-%%%
-%%% $Log: rand.tex,v $
-%%% Revision 1.2 1999/10/12 21:00:34 mdw
-%%% Updated. Almost finished, in fact. ;-)
-%%%
-%%% Revision 1.1 1999/09/03 08:41:13 mdw
-%%% Initial import.
-%%%
-
%%%----- Header -------------------------------------------------------------
\documentclass[a4paper, article, 10pt, notitlepage, numbering]{strayman}
\item The hash function used in the one-way transformation is RIPEMD-160
\cite{rmd160}; the block cipher is Blowfish, using a 160-bit key.
\item The input pool size $N_I$ is 128 bytes. The output buffer size $N_O$
- is also 128 bytes. The size $N_S$ of the secret part of the output buffer
+ is 512 bytes. The size $N_S$ of the secret part of the output buffer
is 160 bits (20 bytes).
\item The polynomial $P(x)$ used for mixing in new input is
$1 + x + x^2 + x^7 + x^{128}$.
\end{itemize}
The hash and block cipher are well-known and respected cryptographic
-primitives.
+primitives.
+
+The input pool is rater larger than it strictly needs to be to contain
+`enough' entropy to bring the generator up to the strength of its
+cryptographic primitives. The pool is large to reduce the effect of
+asymptotic behaviour in the amount of entropy in the pool.
+
+The output buffer is large simply to improve performance: Blowfish has a
+heavy key schedule, so it pays to perform fewer rekeyings per byte of data.
+The precise size of 512 bytes was chosen empirically as being about where the
+performance improvement stops being linear with the buffer size on my
+machine.
\begin{thebibliography}{99}