Re: Allegations regarding OpenBSD IPSEC

Previous thread: Re: Allegations regarding OpenBSD IPSEC by Theo de Raadt on Tuesday, December 21, 2010 - 5:50 pm. (2 messages)

Next thread: Re: Allegations regarding OpenBSD IPSEC by Theo de Raadt on Tuesday, December 21, 2010 - 6:09 pm. (2 messages)
From: Theo de Raadt
Date: Tuesday, December 21, 2010 - 6:00 pm

> Is there any documented test for the quality of the PRNG?

Are you talking about our use of MD5, or our use of RC4?

If you are talking about our RC4, then there is; I will put it this
way: If our use of RC4 in this exactly-how-a-stream-cipher-works way
is bad, then every other use on this planet of steam ciphers is bad,
and very broken.  We are relying on the base concept.

The idea is that you can initialize a stream cipher with near-crap and
it will work OK for the way we are using it.

If the MD5 stuff we generate is crap, we are still probably more than
OK compared to everyone because we are going further, and doing the
slice/dice everyone-shares on the RC4 output.

From: Kurt Knochner
Date: Tuesday, December 21, 2010 - 6:08 pm

I was just asking if the implementation of the RC4 based PRNG is done
correctly and if there has been a test of the quality of the PRNG
output. It just looked strange for me to seed the algorithm of the
PRNG with a plain time value, though it's just a few bytes at the
beginning of a larger block of data. So, if you believe the
implementation of the PRNG is correct, there is no need to further


I did not say that anything you generate is crap.

From: Matt Connor
Date: Tuesday, December 21, 2010 - 6:12 pm

> .. steam ciphers is bad ...

Steam has much more entropy than a pseudo-number generator, in which
case our implementation is obsolete.

-Matt
