> Generating real pseudo-random streams is a hard problem which is way > more than what people can handle. Usually, PRNGs are composed of > various periodic elements which, in the end, all combined produce a > repeating stream of pseudo-random numbers. OpenSSL uses a modified MAC > for this as a state machine and extracts some state bits as random > stream on every access. >
Smoke Detector + Webcam = cheapo RNG http://inventgeek.com/Projects/alpharad/overview.aspx I know some highly secure operations (eg: web casinos, using Geiger counters and background radiation) use a version of this for their RNGs, and random.org does it with RF (radios listening to static) .. do patches exist for OpenSSL to use hardware devices? (short of a hack to take something like the above and pipe it to /dev/random, etc). Cheers, Michael Holstein Cleveland State University _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
