mirror of
https://github.com/RIOT-OS/RIOT.git
synced 2025-01-18 11:32:45 +01:00
32 lines
1.4 KiB
Plaintext
32 lines
1.4 KiB
Plaintext
|
/*
|
||
|
* Copyright (C) 2020 HAW Hamburg
|
||
|
*
|
||
|
* This file is subject to the terms and conditions of the GNU Lesser
|
||
|
* General Public License v2.1. See the file LICENSE in the top level
|
||
|
* directory for more details.
|
||
|
*/
|
||
|
|
||
|
/**
|
||
|
* @defgroup sys_random_shaxprng SHAX random number generator
|
||
|
* @ingroup sys_random
|
||
|
*
|
||
|
* @brief SHA based random number generator implementation(CSPRNG).
|
||
|
*
|
||
|
* The generator bases on an internal structure that has been presented in
|
||
|
* FIPS 186-1 Appendix 3.2, which is why it is sometimes named as "DSA PRNG" or
|
||
|
* "FIPS PRNG" in the literature. Outputs are generated by hashing the internal
|
||
|
* generator state, and the feedback path applies a linear transformation to the
|
||
|
* state which is hashed again to create further next outputs. Thus, a potential
|
||
|
* state compromise may allow recovering preceding generator outputs, because
|
||
|
* linear operations in the feedback path are invertible. Thereby, this generator
|
||
|
* gets along with a single hash computation per block which makes the generator
|
||
|
* lightweight in comparison to more advanced CSPRNGs.
|
||
|
*
|
||
|
* This implementation can be run with the SHA-1 or SHA-256 hash function
|
||
|
* for creating outputs. SHA-1 has been deprecated by NIST in 2011 due to
|
||
|
* a collision- and potential brute-force attack. Thus, SHA-256 can be used as
|
||
|
* an alternative. To select one or the other, export
|
||
|
* `USEMODULE += prng_sha1prng` or
|
||
|
* `USEMODULE += prng_sha256prng`
|
||
|
* during compilation.
|
||
|
*/
|