Entropy Is a Terrible Thing to Waste

Because it is next to impossible to accurately predict the amount of entropy collected from a user in a short run, in order to prevent the predictable PRNG output problem discussed previously, all implementations include the shortcut or internal PRNG state in the process of generating new output. The previous output becomes a part of the equation used to calculate the next PRNG value.

In this design, once a sufficient amount of entropy is initially gathered in the system, the most recent data used to replenish the entropy pool does not need to be fully random at all times in order to ensure basic security.
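The following sketch is an added illustration, not code from the book or from any real PRNG implementation. It assumes a toy SHA-256 construction (the names `ChainedGenerator`, `stateless_output`, and the seed and input values are all constructed here) to contrast a generator whose output depends only on fresh input with one that folds internal state and the previous output into each new value.

```python
import hashlib

def stateless_output(fresh: bytes) -> bytes:
    """Output derived only from newly collected data: predictable input, predictable output."""
    return hashlib.sha256(fresh).digest()

class ChainedGenerator:
    """Toy generator (assumption, not a vetted DRBG): every output depends on the
    internal state, the previous output, and whatever fresh data was collected."""

    def __init__(self, seed: bytes):
        # Initial entropy gathered once; everything later is chained from it.
        self.state = hashlib.sha256(b"seed" + seed).digest()
        self.prev = b"\x00" * 32

    def next(self, fresh: bytes = b"") -> bytes:
        # state and prev are fixed-length, so the concatenation is unambiguous.
        self.state = hashlib.sha256(b"state" + self.state + self.prev + fresh).digest()
        self.prev = hashlib.sha256(b"out" + self.state).digest()
        return self.prev

def run(seed: bytes, inputs) -> list:
    gen = ChainedGenerator(seed)
    return [gen.next(x) for x in inputs]

# Constructed sample data: replenishment input with no randomness at all.
WEAK_INPUTS = [b"tick"] * 5
SEED_A = b"constructed high-entropy seed A"
SEED_B = b"constructed high-entropy seed B"

def demo() -> dict:
    stateless = [stateless_output(x) for x in WEAK_INPUTS]
    a = run(SEED_A, WEAK_INPUTS)
    b = run(SEED_B, WEAK_INPUTS)
    replay = run(SEED_A, WEAK_INPUTS)  # same seed, same weak inputs
    return {
        "stateless_distinct": len(set(stateless)),  # identical input repeats the output
        "chained_distinct": len(set(a)),            # chaining keeps outputs distinct
        "streams_overlap": len(set(a) & set(b)),    # different seeds, unrelated streams
        "replay_matches": a == replay,              # known seed reproduces everything
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The `replay_matches` result shows the condition the paragraph depends on: chaining only protects the output if the initial state held enough entropy, because anyone who knows the seed and the weak inputs can regenerate the whole stream.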

Yet, there is another problem. If the implementation runs for a prolonged period of time on old, inherited ...
