Re: [Monotone-devel] nvm.stripped versus botan

[Jack Lloyd]

On Wed, Jan 21, 2009 at 03:18:34PM -0800, Zack Weinberg wrote:

> My inclination is to leave that for now and bug Jack more about
> being able to create lighter-weight RNG objects, so that it wouldn't
> hurt so much to create one. This would tie in to what I said earlier
> in this thread about specifying what purpose one needs randomness
> for -- there is no point in going to high-quality system entropy
> sources for a 30-bit nonce in a file name, but if the Botan API
> exposed a cheap thing that (for instance) took a bunch of
> high-resolution timer samples and ran them through Fortuna, I'd
> totally use that.

No Fortuna (and actually Fortuna doesn't really make sense in this
scenario, since the advantages that design may provide only apply when
the same PRNG state is kept around for a significant period of time),
but in a branch I've added the ability to tell the PRNG approximately
how much entropy you need it to be seeded with, which can speed up the
polling quite a bit. Specifically if the request is <= 128 bits, the
entire request will be serviced from /dev/*random (if it is around),
which is pretty fast.

On my Core2, I'm seeing seeding 1000 PRNGs with an estimated 64 bits
of entropy each (consisting of rdtsc's output plus 8 bytes from
/dev/random) take about .07 seconds.

-Jack