Carl Ellison says: However, I can even see a point for using this for XOR encryption [I prefer not to call anything using a PRNG One-Time-Pad]. I can see two points, even:
Another point: it raises the possibility of an interesting loophole in the ITAR. Cryptographic hash functions are exportable, as "systems for authentication", or something to that effect. A random-number generator based on a hash function should be exportable. After all, as you say,
I have many uses for random numbers and none of them is XOR encryption.
But such an RNG *could* be used for encryption. If you package and market it as such, you're asking for trouble. But packaged as a library routine in a simulation library? It's not a fast PRNG, but it should be pretty good statistically. Eli ebrandt@jarthur.claremont.edu