| chacha_rng.cpp |
|
2453 |
| chacha_rng.h |
ChaCha_RNG is a very fast but completely ad-hoc RNG created by
creating a 256-bit random value and using it as a key for ChaCha20.
The RNG maintains two 256-bit keys, one for HMAC_SHA256 (HK) and the
other for ChaCha20 (CK). To compute a new key in response to
reseeding request or add_entropy calls, ChaCha_RNG computes
CK' = HMAC_SHA256(HK, input_material)
Then a new HK' is computed by running ChaCha20 with the new key to
output 32 bytes:
HK' = ChaCha20(CK')
Now output can be produced by continuing to produce output with ChaCha20
under CK'
The first HK (before seeding occurs) is taken as the all zero value.
@warning This RNG construction is probably fine but is non-standard.
The primary reason to use it is in cases where the other RNGs are
not fast enough.
|
4488 |
| info.txt |
|
101 |