-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi all,
I know the Fortuna implementation isn't production ready yet, but I
just wanted to give a heads up as to some end user tests I ran the
other day. Basically, the data pulled from Fortuna isn't too
random - a simple gzip test against the output allows substantial
compression, while the java.security.SecureRandom in Sun's JVM or
even java.util.Random does not:
- -rw-r--r-- 1 jrandom users 4652685 Oct 21 18:25 /tmp/testfortuna
- -rw-r--r-- 1 jrandom users 67129357 Oct 21 18:26 /tmp/testrandom
- -rw-r--r-- 1 jrandom users 67129357 Oct 21 18:26 /tmp/
testsecurerandom
The throughput of the Fortuna implementation is pretty good though,
as I could pull 8-9MBps on my machine (p4 3ghz), spiked up to 21MBps
when gcj'ed with -O3.
Test code attached (javac -cp gnu-crypto-2.1.0.jar prng.java).
I haven't had time to dig into why the output is off, but I'm not
really an expert in prng implementations. If there's something I'm
doing wrong or if there's an easy fix, please, let me know, as I'd
love to use Fortuna. In any case, perhaps the attached could get
turned into a unit test for PRNGs - if the file size written is less
than 64MB, the PRNG isn't random.