Generating Unique Keys
Christopher A. Craig
list-python at ccraig.org
Wed Jan 29 09:31:01 EST 2003
Nagy László <nagylzs at freemail.hu> writes:
> The PRNG algorithm can be explored in almost all cases (especially
> when using /dev/random), and this is a security risk.
Sorry to be off topic, but why especially? At least on Linux,
/dev/random is determined by various hardware factors chosen for the
difficulty to guess them (i.e. the float between keyboard controller
clock and the CPU clock generator) and then passed through a one way
hash function. I've read articles on how the entropy could be
reduced, but never anything on how the next number could be guessed
based on previous random numbers, which is certainly possible with
periodic PRNGs.
--
Christopher A. Craig <list-python at ccraig.org>
If Perl weren't around, I'd probably be using Python right now.
Tom Christiansen
More information about the Python-list
mailing list