/*
 * Copyright (C) 2020 HAW Hamburg
 *
 * This file is subject to the terms and conditions of the GNU Lesser
 * General Public License v2.1. See the file LICENSE in the top level
 * directory for more details.
 */

/**
 * @defgroup sys_random_shaxprng SHAX random number generator
 * @ingroup sys_random
 *
 * @brief SHA based random number generator implementation (CSPRNG).
 *
 * The generator is based on an internal structure that was presented in
 * FIPS 186-1 Appendix 3.2, which is why it is sometimes called "DSA PRNG" or
 * "FIPS PRNG" in the literature. Outputs are generated by hashing the internal
 * generator state, and the feedback path applies a linear transformation to the
 * state, which is hashed again to create further outputs. Thus, a potential
 * state compromise may allow recovering preceding generator outputs, because
 * linear operations in the feedback path are invertible. In return, this
 * generator needs only a single hash computation per block, which makes it
 * lightweight in comparison to more advanced CSPRNGs.
 *
 * This implementation can be run with the SHA-1 or SHA-256 hash function
 * for creating outputs. SHA-1 was deprecated by NIST in 2011 due to
 * a collision attack and a potential brute-force attack. Thus, SHA-256 can be
 * used as an alternative. To select one or the other, export
 * `USEMODULE += prng_sha1prng` or
 * `USEMODULE += prng_sha256prng`
 * during compilation.
 */
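/*
 * Added example, not part of this module's code: a Python model of the
 * structure described above (output = hash of state, linear feedback), showing
 * that a captured state plus observed output blocks yields every earlier state
 * by subtraction, next to a contrast variant with hashed feedback.
 * Assumptions: 256-bit state, big-endian encoding, seed hashed into the initial
 * state, and all function names; none of these are taken from this module.
 *
```python
import hashlib

MOD = 1 << 256  # assumption of this model: state width b = 256 bits

def h(state):
    """Output function: SHA-256 over the 32-byte big-endian state."""
    return int.from_bytes(hashlib.sha256(state.to_bytes(32, "big")).digest(), "big")

def step_linear(state):
    """One block in the FIPS 186-1 style: x = H(S), S' = (S + x + 1) mod 2^b."""
    x = h(state)
    return x, (state + x + 1) % MOD

def step_hashed(state):
    """Contrast variant (hypothetical): the next state comes from a second hash call."""
    nxt = hashlib.sha256(b"next" + state.to_bytes(32, "big")).digest()
    return h(state), int.from_bytes(nxt, "big")

def undo_linear(next_state, output):
    """Invert the linear feedback: S = (S' - x - 1) mod 2^b."""
    return (next_state - output - 1) % MOD

def run(step, seed, blocks):
    """Generate `blocks` outputs; return every state visited and every output."""
    state = int.from_bytes(hashlib.sha256(seed).digest(), "big")
    states, outputs = [state], []
    for _ in range(blocks):
        x, state = step(state)
        outputs.append(x)
        states.append(state)
    return states, outputs

def walk_back(final_state, outputs):
    """Rebuild earlier states from a captured state and the output blocks seen before it."""
    state, recovered = final_state, []
    for x in reversed(outputs):
        state = undo_linear(state, x)
        recovered.append(state)
    return recovered[::-1]

if __name__ == "__main__":
    seed = b"constructed sample seed"  # constructed input, not a real seed
    for name, step in (("linear", step_linear), ("hashed", step_hashed)):
        states, outputs = run(step, seed, 4)
        ok = walk_back(states[-1], outputs) == states[:-1]
        print(name, "feedback: earlier states recovered =", ok)
```
 */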