Generating Unique Keys
nagylzs at freemail.hu
Wed Jan 29 16:21:02 CET 2003
Christopher A. Craig wrote:
>Nagy László <nagylzs at freemail.hu> writes:
>>The PRNG algorithm can be explored in almost all cases (especially
>>when using /dev/random), and this is a security risk.
>Sorry to be off topic, but why especially? At least on Linux,
>/dev/random is determined by various hardware factors chosen for the
>difficulty to guess them (i.e. the float between keyboard controller
>clock and the CPU clock generator) and then passed through a one way
Isn't it used for initializing only? I thought that initial PRNG state
is choosen randomly by those
factors but after that only the PRNG algorithm is used. I'm not familiar
with the Linux source code
but I wonder how can they assure the correct distributions otherwise?
(You cannot examine
those true random factors theoretically.)
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Python-list