From: Pekka Riikonen Date: Thu, 21 Feb 2002 10:02:17 +0000 (+0000) Subject: updates X-Git-Tag: silc.client.0.8.1~35 X-Git-Url: http://git.silcnet.org/gitweb/?p=silc.git;a=commitdiff_plain;h=4548e3912f812e41b9e48939fbb4a1e1ed60294b updates --- diff --git a/lib/doc/silcrng_intro.html b/lib/doc/silcrng_intro.html index 858a3128..ec54eb4e 100644 --- a/lib/doc/silcrng_intro.html +++ b/lib/doc/silcrng_intro.html @@ -63,28 +63,28 @@ the pool and then stirs the entire pool.
 
 
-Stirring Threshholds +Stirring Thresholds
 
-The random pool has two threshholds that controls when the random pool +The random pool has two thresholds that controls when the random pool needs more new noise and requires restirring. As previously mentioned, the application may do this by calling the silc_rng_add_noise. However, the RNG performs this also automatically.
 
-The first threshhold gets soft noise from system and stirs the random pool. -The threshhold is reached after 64 bits of random data has been fetched +The first threshold gets soft noise from system and stirs the random pool. +The threshold is reached after 64 bits of random data has been fetched from the RNG. After the 64 bits, the soft noise acquiring and restirring process is performed every 8 bits of random output data until the second -threshhold is reached. +threshold is reached.
 
-The second threshhold gets hard noise from system and stirs the random -pool. The threshhold is reached after 160 bits of random output. After the +The second threshold gets hard noise from system and stirs the random +pool. The threshold is reached after 160 bits of random output. After the noise is acquired (from /dev/urandom) the random pool is stirred and the -threshholds are set to zero. The process is repeated again after 64 bits of -output for first threshhold and after 160 bits of output for the second -threshhold. +thresholds are set to zero. The process is repeated again after 64 bits of +output for first threshold and after 160 bits of output for the second +threshold.
 
 
@@ -150,10 +150,10 @@ compromised if an adversary would learn the initial input data (or any input data for that matter). The SILC's RNG provides good protection for this even if the some of the input bits would be compromised for old or future random numbers. The RNG reinitalizes (reseeds) itself using the -threshholds after every 64 and 160 bits of output. This is considered to be +thresholds after every 64 and 160 bits of output. This is considered to be adequate even if some of the bits would get compromised. Also, the applications that use the RNG usually fetches at least 256 bits from the -RNG. This means that everytime RNG is accessed both of the threshholds are +RNG. This means that everytime RNG is accessed both of the thresholds are reached. This should mean that the RNG is never too long in an compromised state and recovers as fast as possible. diff --git a/lib/silccrypt/silcrng.c b/lib/silccrypt/silcrng.c index a330e0dc..4c69e9bf 100644 --- a/lib/silccrypt/silcrng.c +++ b/lib/silccrypt/silcrng.c @@ -111,9 +111,9 @@ typedef struct SilcRngStateContext { random pool. This is allocated when RNG object is allocated and free'd when RNG object is free'd. - uint8 threshhold + uint8 threshold - Threshhold to indicate when it is required to acquire more + Threshold to indicate when it is required to acquire more noise from the environment. More soft noise is acquired after 64 bits of output and hard noise every 160 bits of output. @@ -123,7 +123,7 @@ struct SilcRngStruct { unsigned char key[64]; SilcRngState state; SilcHash sha1; - uint8 threshhold; + uint8 threshold; char *devrandom; int fd_devurandom; }; @@ -451,15 +451,15 @@ static uint32 silc_rng_get_position(SilcRng rng) uint8 silc_rng_get_byte(SilcRng rng) { - rng->threshhold++; + rng->threshold++; - /* Get more soft noise after 64 bits threshhold */ - if (rng->threshhold >= 8) + /* Get more soft noise after 64 bits threshold */ + if (rng->threshold >= 8) silc_rng_get_soft_noise(rng); - /* Get hard noise after 160 bits threshhold, zero the threshhold. */ - if (rng->threshhold >= 20) { - rng->threshhold = 0; + /* Get hard noise after 160 bits threshold, zero the threshold. */ + if (rng->threshold >= 20) { + rng->threshold = 0; silc_rng_get_hard_noise(rng); }