As recommended by Bob Jenkins, the original author of the ISAAC cryptographic random number generator algorithms, self-seeding ISAAC is a useful technique for increasing the cryptographic strength of the random numbers generated from a given ISAAC context; i.e., using random values generated by ISAAC to seed a new ISAAC context. This may not seem particularly valuable for one-off random values such as the session tokens generated in CL-ISAAC’s documented Quick Recipes, but when you need to generate millions of cryptographically-strong random numbers from a single context—such as for a One-Time Pad cipher—you notice the extra strength that self-seeding provides.
CL-ISAAC v1.0.4 is now available on GitHub, which includes the self-seeding context. It will be available in the April distribution of Quicklisp.
Using the Self-seed context is similar to the other seeds already available; the function supports both ISAAC-32 and ISAAC-64 algorithms, and provides one additional keyword parameter,
count, which specifies the number of rounds your ISAAC context will be self-seeded. The default value is 1, but a count greater-than 3 is recommended.
Usage is as straight-forward as the other contexts. To create a 512bit hexadecimal string token using the ISAAC-64 algorithm from a self-seeded context with 3 rounds:
* (ql:quicklisp "cl-isaac") ... * (defvar *self-ctx* (isaac:init-self-seed :count 3 :is64 t)) * (format nil "~64,'0x" (isaac:rand-bits-64 *self-ctx* 512))
The Self-seeding context is necessarily heavier than the kernel and cl:random seeds, by a factor of approx. 5n+1, where n is the number of self-seeding rounds. Specifically, for every round there is an additional context created, as well as an additional scramble.