Generating Unique Keys

Nagy László nagylzs at freemail.hu
Wed Jan 29 16:21:02 CET 2003



Christopher A. Craig wrote:

>Nagy László <nagylzs at freemail.hu> writes:
>
>  
>
>>The PRNG algorithm can be explored in almost all cases (especially
>>when using /dev/random), and this is a security risk.
>>    
>>
>
>Sorry to be off topic, but why especially?  At least on Linux,
>/dev/random is determined by various hardware factors chosen for the
>difficulty to guess them (i.e. the float between keyboard controller
>clock and the CPU clock generator) and then passed through a one way
>hash function.  
>
Isn't it used for initializing only? I thought that initial PRNG state 
is choosen randomly by those
factors but after that only the PRNG algorithm is used. I'm not familiar 
with the Linux source code
but I wonder how can they assure the correct distributions otherwise? 
(You cannot examine
those true random factors theoretically.)

  Laci 1.0

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-list/attachments/20030129/719dcdd8/attachment.html>


More information about the Python-list mailing list