> Ted noted..
>
> I'll note that an criteria for judging RNG's which is very popular
> with academics who love to write papers poking (theoretical) holes
> into random number generators is how quickly a RNG can recover from
> state compromise.
> ...
> Personally, my take is that if you can compromise the state of the
> RNG, you can probably far more damage, so I'm not convinced state
> compromise is a very high priority threat to defend against. But
> there are tons and tons of academic papers which are convinced that
> any RNG which doesn't worry about this attack is Fatally Flawed.

a recent paper that is perhaps an instance of the above class(es) of papers (but may be of interest in any case) is...
Dodis, Yevgeniy, Adi Shamir, Noah Stephens-Davidowitz, and Daniel Wichs. "How to Eat Your Entropy and Have it Too—Optimal Recovery Strategies for Compromised RNGs."
https://eprint.iacr.org/2014/167.pdf

=JeffH

_______________________________________________
dsfjdssdfsd mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dsfjdssdfsd
