
Re: [Monotone-devel] nvm.stripped versus botan


From: Zack Weinberg
Subject: Re: [Monotone-devel] nvm.stripped versus botan
Date: Wed, 21 Jan 2009 15:18:34 -0800

On Wed, Jan 21, 2009 at 2:19 PM, Thomas Moschny <address@hidden> wrote:
>> Also, do we really need cryptographic entropy in mkstemp.cc?
>
> Why can't we simply re-use the RNG object?

No access to app_state from Lua extension functions.

> Really, I don't think we should implement another pseudo random
> number generator ourselves. Basically it won't ever be properly reviewed.

Well, I *did*, but I take this criticism seriously.  I picked an
algorithm that I think has the minimal properties we need for this and
that got a reasonable amount of peer review, but it's kind of awkward
- Mersenne Twister is so good that people seem to have stopped
researching PRNGs with a *small* amount of state, which is annoying
when you cannot reasonably supply more than a few tens of bits of
seed.

My inclination is to leave that for now and bug Jack more about being
able to create lighter-weight RNG objects, so that it wouldn't hurt so
much to create one.  This would tie in to what I said earlier in this
thread about specifying what purpose one needs randomness for -- there
is no point in going to high-quality system entropy sources for a
30-bit nonce in a file name, but if the Botan API exposed a cheap
thing that (for instance) took a bunch of high-resolution timer
samples and ran them through Fortuna, I'd totally use that.

zw