At 5:53 AM 9/20/95, Jeff Weinstein wrote:

> This was a bad mistake on our part, and we are working hard to fix it. We have been trying to identify sources of random bits on PCs, Macs, and all of the many unix platforms we
Maintain a 4K entropy buffer. Mingle the exact time and place of each mouse hit into the entropy buffer using some combination that will have the effect of progressively shifting bits all over the place, so that every noise bit that you get eventually affects every bit of the buffer in a complicated way. For example:

    Buf[p] = MouseNoise + Buf[p] + Buf[p-24] + Buf[p-55];
    p = p+1;

(See Knuth, Seminumerical Algorithms, Book 2, page 27 for the magic properties of the numbers 24, 55. This rule means that the buffer immediately before p depends in a non-linear fashion on all the noise you have received.)

Whenever you need a random number, take a one-way checksum, for example MD5, of the most recently altered part of that buffer. Use that as your random number.

Whenever the user has used this buffer during a session, then when he quits Netscape, save the buffer after first hashing it. To hash the buffer without loss of entropy, take the hash of one block of the buffer, and XOR it onto the next block (not the block that you hashed). Repeat for each block in the buffer cyclically.

Publish your random number and encryption code here and in sci.crypt.

---------------------------------------------------------------------
| We have the right to defend ourselves   | http://www.jim.com/jamesd/
| and our property, because of the kind   |
| of animals that we are. True law        | James A. Donald
| derives from this right, not from the   |
| arbitrary power of the state.           | jamesd@echeque.com
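The scheme in the post above, worked through as added example code; this is not code from the thread or from Netscape, and several details the post leaves open are assumptions: the output hash covers the 64 most recently written bytes, the save step uses 16-byte blocks (the MD5 digest size), and a mouse hit is packed as two 32-bit coordinates plus a 64-bit nanosecond timestamp. MD5 is kept because the post names it.

```python
import hashlib
import struct
import time

POOL_SIZE = 4096   # the 4K entropy buffer from the post
WINDOW = 64        # assumption: how many recently written bytes get hashed for output
BLOCK = 16         # assumption: block size for the save step, equal to the MD5 digest size


class EntropyPool:
    """Entropy pool built the way the post describes (example code, not Netscape's)."""

    def __init__(self) -> None:
        self.buf = bytearray(POOL_SIZE)
        self.p = 0  # next write position; wraps around the buffer

    def add_noise(self, noise: int) -> None:
        """Mix one noise byte in: Buf[p] = noise + Buf[p] + Buf[p-24] + Buf[p-55]; p = p+1.
        The lags 24 and 55 are the ones the post takes from Knuth."""
        b, p = self.buf, self.p
        b[p] = (noise + b[p] + b[(p - 24) % POOL_SIZE] + b[(p - 55) % POOL_SIZE]) & 0xFF
        self.p = (p + 1) % POOL_SIZE

    def add_mouse_event(self, x: int, y: int, t_ns: int) -> None:
        """Feed the exact time and place of a mouse hit, one byte at a time.
        Packing as two 32-bit coordinates plus a 64-bit nanosecond clock is an assumption."""
        for byte in struct.pack("<iiq", x, y, t_ns):
            self.add_noise(byte)

    def recent(self) -> bytes:
        """The WINDOW bytes written most recently, taking wraparound into account."""
        start = (self.p - WINDOW) % POOL_SIZE
        if start < self.p:
            return bytes(self.buf[start:self.p])
        return bytes(self.buf[start:]) + bytes(self.buf[:self.p])

    def random_bytes(self) -> bytes:
        """A random number: a one-way hash of the most recently altered part of the pool.
        MD5 is used because the post names it; a design written today would use SHA-256."""
        return hashlib.md5(self.recent()).digest()

    def save_image(self) -> bytes:
        """Hashed copy of the pool for saving at quit time: hash each block and XOR the
        digest onto the *next* block, cyclically. Each step XORs a function of block i
        onto a different block, which is an invertible transform, so no entropy is lost."""
        out = bytearray(self.buf)
        nblocks = POOL_SIZE // BLOCK
        for i in range(nblocks):
            digest = hashlib.md5(out[i * BLOCK:(i + 1) * BLOCK]).digest()
            j = ((i + 1) % nblocks) * BLOCK
            for k in range(BLOCK):
                out[j + k] ^= digest[k]
        return bytes(out)


def demo_pool() -> EntropyPool:
    """Constructed sample input: three mouse hits with fixed coordinates and times."""
    pool = EntropyPool()
    for x, y, t in [(10, 20, 1_000_000), (11, 20, 1_004_321), (40, 75, 1_050_009)]:
        pool.add_mouse_event(x, y, t)
    return pool


if __name__ == "__main__":
    live = EntropyPool()
    live.add_mouse_event(100, 200, time.time_ns())
    print(live.random_bytes().hex())
```

One property worth seeing in the code: `random_bytes()` hashes pool contents only, so two calls with no fresh noise in between return the same 16 bytes. The post's scheme relies on new mouse events arriving between requests; a pool that may be read faster than it is fed would also mix a counter or the previous output back into the buffer before hashing.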
James A. Donald <jamesd@echeque.com> writes:

> Whenever you need a random number, take a one-way checksum, for example MD5, of the most recently altered part of that buffer. Use that as your random number.

How is this any better than feeding the data into the MD5 hash as I go? This is not a rhetorical question.

PK
--
Philip L. Karlton                       karlton@netscape.com
Principal Curmudgeon                    http://www.netscape.com/people/karlton
Netscape Communications Corporation