%%% -*-latex-*-
%%%
-%%% $Id: rand.tex,v 1.2 1999/10/12 21:00:34 mdw Exp $
+%%% $Id: rand.tex,v 1.3 1999/10/15 21:05:56 mdw Exp $
%%%
%%% Description of Catacomb's random number generator
%%%
%%%----- Revision history ---------------------------------------------------
%%%
%%% $Log: rand.tex,v $
+%%% Revision 1.3 1999/10/15 21:05:56 mdw
+%%% Add a little more explanatory text for the pool and buffer sizes.
+%%%
%%% Revision 1.2 1999/10/12 21:00:34 mdw
%%% Updated. Almost finished, in fact. ;-)
%%%
\item The hash function used in the one-way transformation is RIPEMD-160
\cite{rmd160}; the block cipher is Blowfish, using a 160-bit key.
\item The input pool size $N_I$ is 128 bytes. The output buffer size $N_O$
- is also 128 bytes. The size $N_S$ of the secret part of the output buffer
+ is 512 bytes. The size $N_S$ of the secret part of the output buffer
is 160 bits (20 bytes).
\item The polynomial $P(x)$ used for mixing in new input is
$1 + x + x^2 + x^7 + x^{128}$.
\end{itemize}
The hash and block cipher are well-known and respected cryptographic
-primitives.
+primitives.
+
+The input pool is rater larger than it strictly needs to be to contain
+`enough' entropy to bring the generator up to the strength of its
+cryptographic primitives. The pool is large to reduce the effect of
+asymptotic behaviour in the amount of entropy in the pool.
+
+The output buffer is large simply to improve performance: Blowfish has a
+heavy key schedule, so it pays to perform fewer rekeyings per byte of data.
+The precise size of 512 bytes was chosen empirically as being about where the
+performance improvement stops being linear with the buffer size on my
+machine.
\begin{thebibliography}{99}
projects / u / mdw / catacomb / commitdiff