Home | History | Annotate | Download | only in libtomcrypt

Lines Matching refs:PRNG

166 pseudo--random number generators (PRNG), and bignum math routines are all used within the API through \textit{descriptor} tables which 
172 that for the PRNG needs within the library (\textit{e.g. making a RSA key}).  All the developer has to do
358 \mysection{Functions that need a PRNG}
359 \index{Pseudo Random Number Generator} \index{PRNG}
360 Certain functions such as \textit{rsa\_make\_key()} require a Pseudo Random Number Generator (PRNG).  These functions do not setup 
361 the PRNG themselves so it is the responsibility of the calling function to initialize the PRNG before calling them.
363 Certain PRNG algorithms do not require a \textit{prng\_state} argument (sprng for example).  The \textit{prng\_state} argument
547 because you are to be paranoid.  It is because if your PRNG has a bias of any sort the more bits the better.  For
2663 The library provides an array of core functions for Pseudo-Random Number Generators (PRNGs) as well.  A cryptographic PRNG is
2665 key generation.  There is a universal structure called \textit{prng\_state}.  To initialize a PRNG call:
2666 \index{PRNG start}
2668 int XXX_start(prng_state *prng);
2671 This will setup the PRNG for future use and not seed it.  In order for the PRNG to be cryptographically useful you must give it 
2672 entropy.  Ideally you'd have some OS level source to tap like in UNIX.  To add entropy to the PRNG call:
2673 \index{PRNG add\_entropy}
2677                              prng_state *prng);
2681 \index{PRNG ready}
2683 int XXX_ready(prng_state *prng);
2687 \index{PRNG read}
2691                           prng_state *prng);
2694 Which returns the number of bytes read from the PRNG.  When you are finished with a PRNG state you call
2697 \index{PRNG done}
2699 void XXX_done(prng_state *prng);
2702 This will terminate a PRNG state and free any memory (if any) allocated.  To export a PRNG state
2703 so that you can later resume the PRNG call the following.
2705 \index{PRNG export}
2709                   prng_state *prng);
2712 This will write a \textit{PRNG state} to the buffer \textit{out} of length \textit{outlen} bytes.  The idea of 
2714 be that much entropy available.   To import a state to seed a PRNG call the following function.
2716 \index{PRNG import}
2720                         prng_state *prng);
2723 This will call the start and add\_entropy functions of the given PRNG.  It will use the state in
2727 Note that importing a state will not \textit{resume} the PRNG from where it left off.  That is, if you export
2735    \item Start, use your entropy via add\_entropy and ready the PRNG yourself.
2747 To test a PRNG for operational conformity call the following functions.
2749 \index{PRNG test}
2754 This will return \textbf{CRYPT\_OK} if PRNG is operating properly.
2758 It is possible to be adding entropy and reading from a PRNG at the same time.  For example, if you first seed the PRNG
2760 in the PRNG until ready() is called again.  This allows the PRNG to be used and re-seeded at the same time.  No real error 
2761 checking is guaranteed to see if the entropy is sufficient, or if the PRNG is even in a ready state before reading.
2771    prng_state prng;
2776    if ((err = yarrow_start(&prng)) != CRYPT_OK) {
2780    if ((err = yarrow_add_entropy("hello world", 11, &prng)) 
2785    if ((err = yarrow_ready(&prng)) != CRYPT_OK) {
2789           yarrow_read(buf, sizeof(buf), &prng));
2794 \mysection{PRNG Descriptors}
2795 \index{PRNG Descriptor}
2796 PRNGs have descriptors that allow plugin driven functions to be created using PRNGs. The plugin descriptors are stored in the structure \textit{prng\_descriptor}.  The 
2823 To find a PRNG in the descriptor table the following function can be used:
2828 This will search the PRNG descriptor table for the PRNG named \textit{name}.  It will return -1 if the PRNG is not found, otherwise, it returns
2831 Just like the ciphers and hashes, you must register your prng before you can use it.  The two functions provided work exactly as those for the cipher registry functions.  
2835 int register_prng(const struct _prng_descriptor *prng);
2836 int unregister_prng(const struct _prng_descriptor *prng);
2839 The register function will register the PRNG, and return the index into the table where it was placed (or -1 for error).  It will avoid registering the same
2841 will return \textbf{CRYPT\_OK} if the PRNG was found and removed.  Otherwise, it returns \textbf{CRYPT\_ERROR}.
2849 \hline Yarrow & yarrow\_desc & Fast short-term PRNG \\
2850 \hline Fortuna & fortuna\_desc & Fast long-term PRNG (recommended) \\
2852 \hline SOBER-128 & sober128\_desc & Stream Cipher (also very fast PRNG) \\
2861 Yarrow is fast PRNG meant to collect an unspecified amount of entropy from sources 
2864 \textit{Note:} This PRNG is still secure for most tasks but is no longer recommended.  Users
2869 Fortuna is a fast attack tolerant and more thoroughly designed PRNG suitable for long term
2880 added to the PRNG learn far less about the state than that of Yarrow.  Without getting into to many
2887 RC4 is an old stream cipher that can also double duty as a PRNG in a pinch.  You key RC4 by
2900 calling add\_entropy().  There is no need to call ready() for this PRNG as it does not do anything.  
2923    prng_state prng;
2927    if ((err = rc4_start(&prng)) != CRYPT_OK) {
2933    if ((err = rc4_add_entropy("key", 3, &prng)) != CRYPT_OK) {
2939    if ((err = rc4_ready(&prng)) != CRYPT_OK) {
2946    if (rc4_read(buf, 11, &prng) != 11) {
2958 An RNG is related to a PRNG in many ways, except that it does not expand a smaller seed to get the data.  They generate their random bits
2960 PRNG.  Computers are deterministic that try hard not to stray from pre--determined paths.  This makes gathering entropy needed to seed a PRNG 
2978 any RNG source.  There is a function to help setup a PRNG as well:
2983                   prng_state *prng, 
2986 This will try to initialize the prng with a state of at least \textit{bits} of entropy.  The \textit{callback} parameter works much like
2996    prng_state prng;
3005    /* setup the PRNG */
3006    if ((err = rng_make_prng(128, find_prng("yarrow"), &prng, NULL)) 
3008       printf("Error setting up PRNG, %s\n", error_to_string(err));
3013    if ((err = ecc_make_key(&prng, find_prng("yarrow"), 24, &mykey)) 
3023 \subsection{The Secure PRNG Interface}
3024 It is possible to access the secure RNG through the PRNG interface, and in turn use it within dependent functions such
3025 as the PK API.  This simplifies the cryptosystem on platforms where the secure RNG is fast.  The secure PRNG never 
3027 the previous example using this PRNG.
3075              prng_state *prng, 
3086 Only encryption padding requires a PRNG.  When performing signature padding the \textit{prng\_idx} parameter may be left to zero as it is not checked for validity.
3122              prng_state *prng,
3136  sized input message.  \textit{prng\_idx} and \textit{prng} are the random number generator arguments required to randomize the padding process.  
3182              prng_state *prng,     
3192 \textit{hash\_idx} is the index into the hash descriptor table of the hash to use.  \textit{prng\_idx} and \textit{prng} are the random
3258 int rsa_make_key(prng_state *prng, 
3265 Where \textit{wprng} is the index into the PRNG descriptor array.  The \textit{size} parameter is the size in bytes of the RSA modulus desired.
3311              prng_state *prng, 
3333              prng_state *prng, 
3401                            prng_state *prng,     
3428           prng_state    *prng,     
3440 When performing a v1.5 signature the \textit{prng}, \textit{prng\_idx}, and \textit{hash\_idx} parameters are not checked and can be left to any
3500    /* register prng/hash */
3517    if ((err = rsa_make_key(NULL,     /* PRNG state */
3518                            prng_idx, /* PRNG idx */
3535                             NULL, /* PRNG state */
3536                         prng_idx, /* prng idx */
3730 int ecc_make_key(prng_state *prng, 
3748                  prng_state *prng, 
3861                              prng_state *prng, 
3915                            prng_state *prng, 
3921 will be stored in the array pointed to by \textit{out} of length \textit{outlen} octets.  The function requires a properly seeded PRNG, and 
3998 int dsa_make_key(prng_state *prng, 
4004 The variable \textit{prng} is an active PRNG state and \textit{wprng} the index to the descriptor.  \textit{group\_size} and 
4081                            prng_state *prng, 
4119                              prng_state *prng, 
4914                   prng_state *prng, 
4925 Probably the single most vulnerable point of any cryptosystem is the PRNG.  Without one, generating and protecting secrets
4927 does provide two RNG sources that will address the largest amount of end users as possible.  The \textit{sprng} PRNG provides an easy to 
4947 having to hack the library.  For example, suppose you have a hardware specific PRNG on your system.  You could easily 
4948 write the few functions required plus a descriptor.  After registering your PRNG, all of the library functions that 
4949 need a PRNG can instantly take advantage of it.  The same applies for ciphers, hashes, and bignum math routines.
5025 The only sticky issue is a shared PRNG which can be alleviated with the careful use of mutex devices.  Defining LTC\_PTHREAD for instance, enables
5346 The entire API was designed with plug and play in mind at the low level.  That is you can swap out any cipher, hash, PRNG or bignum library and the dependent API will not 
5356 to functions that do the required work.  For a given class of operation (e.g. cipher, hash, prng, bignum) the functions of a descriptor have identical prototypes which makes 
5864     /** Name of the PRNG */
5870     /** Start a PRNG state
5871         @param prng   [out] The state to initialize
5874     int (*start)(prng_state *prng);
5876     /** Add entropy to the PRNG
5879         @param prng       The PRNG state
5884                                 prng_state *prng);
5886     /** Ready a PRNG state to read from
5887         @param prng       The PRNG state to ready
5890     int (*ready)(prng_state *prng);
5892     /** Read from the PRNG
5895         @param prng    The PRNG state to read from
5900                              prng_state *prng);
5902     /** Terminate a PRNG state
5903         @param prng   The PRNG state to terminate
5906     int (*done)(prng_state *prng);
5908     /** Export a PRNG state  
5911         @param prng    The PRNG to export
5916                       prng_state *prng);
5918     /** Import a PRNG state
5921         @param prng    The PRNG to initialize/import
5926                             prng_state *prng);
5928     /** Self-test the PRNG
5938 The name by which find\_prng() will find the PRNG.
5941 When an PRNG state is to be exported for future use you specify the space required in this variable.
5944 Initialize the PRNG and make it ready to accept entropy.
5947 Add entropy to the PRNG state.  The exact behaviour of this function depends on the particulars of the PRNG.
5950 This function makes the PRNG ready to read from by processing the entropy added.  The behaviour of this function depends
5951 on the specific PRNG used.
5954 Read from the PRNG and return the number of bytes read.  This function does not have to fill the buffer but it is best 
5958 Terminate a PRNG state.  The behaviour of this function depends on the particular PRNG used.
5961 An exported PRNG state is data that the PRNG can later import to resume activity.  They're not meant to resume \textit{the same session}
6361        @param prng     An active PRNG state
6362        @param wprng    The index of the PRNG desired
6369     int (*rsa_keygen)(prng_state *prng,