Generating Unique Keys

Nagy László nagylzs at
Wed Jan 29 16:21:02 CET 2003

Christopher A. Craig wrote:

>Nagy László <nagylzs at> writes:
>>The PRNG algorithm can be explored in almost all cases (especially
>>when using /dev/random), and this is a security risk.
>Sorry to be off topic, but why especially?  At least on Linux,
>/dev/random is determined by various hardware factors chosen for the
>difficulty to guess them (i.e. the float between keyboard controller
>clock and the CPU clock generator) and then passed through a one way
>hash function.  
Isn't it used for initializing only? I thought that initial PRNG state 
is choosen randomly by those
factors but after that only the PRNG algorithm is used. I'm not familiar 
with the Linux source code
but I wonder how can they assure the correct distributions otherwise? 
(You cannot examine
those true random factors theoretically.)

  Laci 1.0

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Python-list mailing list