Generating Unique Keys
Nagy László
nagylzs at freemail.hu
Wed Jan 29 10:21:02 EST 2003
Christopher A. Craig wrote:
>Nagy László <nagylzs at freemail.hu> writes:
>
>
>
>>The PRNG algorithm can be explored in almost all cases (especially
>>when using /dev/random), and this is a security risk.
>>
>>
>
>Sorry to be off topic, but why especially? At least on Linux,
>/dev/random is determined by various hardware factors chosen for the
>difficulty to guess them (i.e. the float between keyboard controller
>clock and the CPU clock generator) and then passed through a one way
>hash function.
>
Isn't it used for initializing only? I thought that initial PRNG state
is choosen randomly by those
factors but after that only the PRNG algorithm is used. I'm not familiar
with the Linux source code
but I wonder how can they assure the correct distributions otherwise?
(You cannot examine
those true random factors theoretically.)
Laci 1.0
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-list/attachments/20030129/719dcdd8/attachment.html>
More information about the Python-list
mailing list