From 61383268caf7fa74c15bc881671d24e7c8361bbc Mon Sep 17 00:00:00 2001 From: mdw Date: Fri, 15 Oct 1999 21:05:56 +0000 Subject: [PATCH] Add a little more explanatory text for the pool and buffer sizes. --- papers/rand.tex | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/papers/rand.tex b/papers/rand.tex index eda970e..1c489cc 100644 --- a/papers/rand.tex +++ b/papers/rand.tex @@ -1,6 +1,6 @@ %%% -*-latex-*- %%% -%%% $Id: rand.tex,v 1.2 1999/10/12 21:00:34 mdw Exp $ +%%% $Id: rand.tex,v 1.3 1999/10/15 21:05:56 mdw Exp $ %%% %%% Description of Catacomb's random number generator %%% @@ -29,6 +29,9 @@ %%%----- Revision history --------------------------------------------------- %%% %%% $Log: rand.tex,v $ +%%% Revision 1.3 1999/10/15 21:05:56 mdw +%%% Add a little more explanatory text for the pool and buffer sizes. +%%% %%% Revision 1.2 1999/10/12 21:00:34 mdw %%% Updated. Almost finished, in fact. ;-) %%% 
@@ -200,13 +203,24 @@ The Catacomb implementation of the generator uses the following parameters: \item The hash function used in the one-way transformation is RIPEMD-160 \cite{rmd160}; the block cipher is Blowfish, using a 160-bit key. \item The input pool size $N_I$ is 128 bytes. The output buffer size $N_O$ - is also 128 bytes. The size $N_S$ of the secret part of the output buffer + is 512 bytes. The size $N_S$ of the secret part of the output buffer is 160 bits (20 bytes). \item The polynomial $P(x)$ used for mixing in new input is $1 + x + x^2 + x^7 + x^{128}$. \end{itemize} The hash and block cipher are well-known and respected cryptographic -primitives. +primitives. + +The input pool is rater larger than it strictly needs to be to contain +`enough' entropy to bring the generator up to the strength of its +cryptographic primitives. The pool is large to reduce the effect of +asymptotic behaviour in the amount of entropy in the pool. + +The output buffer is large simply to improve performance: Blowfish has a +heavy key schedule, so it pays to perform fewer rekeyings per byte of data. +The precise size of 512 bytes was chosen empirically as being about where the +performance improvement stops being linear with the buffer size on my +machine. \begin{thebibliography}{99} -- 2.11.0
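Review bot: the Revision 1.3 entry added to the $Log block (hunk at -29,6) describes the change only as "Add a little more explanatory text for the pool and buffer sizes", but the -200,13 hunk also changes the stated output buffer size $N_O$ from "also 128 bytes" to "512 bytes". That alters a documented generator parameter rather than just adding explanation. Suggest the log entry mention it, so that someone comparing revisions of the paper can find where the figure changed.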
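Review bot: in the first added paragraph of the -200,13 hunk, "rater larger" should read "rather larger". The sentence "The pool is large to reduce the effect of asymptotic behaviour in the amount of entropy in the pool" does not say which behaviour is meant; one more sentence stating what quantity approaches what limit as input is mixed in would make the justification for $N_I$ checkable. In the second added paragraph, the 512-byte figure rests on measurements "on my machine"; naming the machine or giving the measured throughput at a few buffer sizes would let a reader judge whether the choice carries over. Since the diffstat shows only papers/rand.tex changed, it is also worth confirming that the new $N_O$ value matches the constant in the implementation the itemized list describes.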