On Fri, 2008-08-08 at 02:52 -0700, Kyle Hamilton wrote:
> On Thu, Aug 7, 2008 at 6:59 AM, David Schwartz <[EMAIL PROTECTED]> wrote:
> >> Otherwise, many random number generators use a
> >> linear-feedback shift register with a periodicity of 2**56. That's
> >> approximately the same amount of keyspace as DES, and the output over
> >> multiple successions of readings of 2**56 bytes will repeat and not be
> >> suitably random.
> >
> > That seems pretty boneheaded to me, considering how trivial it is to
> > create PRNGs with much higher periods. In any event,
> > Linux's /dev/urandom implementation has a periodicity of way over 2^64
> > bytes.
>
> Sure, it's possible to create PRNGs with much higher periods, but it's
> rather difficult to create /good/ PRNGs with much higher periods.
> Even then, though, all PRNGs have the property that their output is
> deterministic... and "deterministic" is the antithesis of
> "cryptographically secure".
Someone should probably tell that to NIST. So they can fix their
FIPS-140 standard to allow nondeterministic RNGs. :)
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
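The exchange above turns on two claims: that an LFSR-based generator has a period of 2^56, and that a deterministic generator cannot be cryptographically secure. The following is an added example, not code from the thread or from OpenSSL, that makes the first point concrete and shows why an LFSR's period is the wrong measure of its strength. It steps a maximal-length 16-bit Fibonacci LFSR through its full period of 2^16 - 1, then runs the Berlekamp-Massey algorithm over 2n consecutive output bits to recover the feedback polynomial and predict the rest of the stream exactly. The 16-bit taps are the standard x^16 + x^14 + x^13 + x^11 + 1 example; the degree-56 polynomial x^56 + x^7 + x^4 + x^2 + 1 is assumed for illustration (its period is not verified by this script), and both seeds are constructed values.

```python
"""LFSR period vs. predictability (added demonstration, not OpenSSL code).

A Fibonacci LFSR of degree n over GF(2) obeys the linear recurrence
    s[k] = XOR over t in taps of s[k - t]        (max(taps) == n)
Even at its maximal period of 2**n - 1 the stream is linear, so
Berlekamp-Massey recovers the recurrence from any 2n consecutive bits
and every later bit follows; no 2**n search is needed.
"""

# Maximal-length 16-bit LFSR, x^16 + x^14 + x^13 + x^11 + 1 (period 65535).
TAPS16 = [16, 14, 13, 11]
SEED16 = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 1, 0, 0, 0, 1, 1]   # constructed, non-zero

# Assumed degree-56 polynomial x^56 + x^7 + x^4 + x^2 + 1 (period not checked
# here; the point is only that 112 observed bits expose the generator).
TAPS56 = [56, 7, 4, 2]
SEED56 = [1 if i % 3 else 0 for i in range(56)]               # constructed seed


def _step(taps, state):
    """One clock of the register: return (output bit, next state)."""
    n = max(taps)
    new = 0
    for t in taps:
        new ^= state[n - t]            # state[0] is the oldest bit
    return state[0], state[1:] + [new]


def lfsr_bits(taps, seed, count):
    """Emit `count` output bits of the LFSR defined by `taps` and `seed`."""
    if len(seed) != max(taps) or not any(seed):
        raise ValueError("seed must have n bits and be non-zero")
    state, out = list(seed), []
    for _ in range(count):
        bit, state = _step(taps, state)
        out.append(bit)
    return out


def lfsr_period(taps, seed):
    """Clock the register until the seed state recurs (2**n - 1 iff maximal)."""
    first, state, steps = tuple(seed), list(seed), 0
    while True:
        _, state = _step(taps, state)
        steps += 1
        if tuple(state) == first:
            return steps


def berlekamp_massey(bits):
    """Shortest LFSR over GF(2) generating `bits`: returns (c, L) such that
    c[0] == 1 and bits[k] == XOR over j=1..L of (c[j] & bits[k - j])."""
    n = len(bits)
    c = [1] + [0] * n                  # current connection polynomial
    b = [1] + [0] * n                  # polynomial from the last length change
    L, m = 0, -1
    for i in range(n):
        d = bits[i]                    # discrepancy between stream and c
        for j in range(1, L + 1):
            d ^= c[j] & bits[i - j]
        if d == 0:
            continue
        t = c[:]
        shift = i - m
        for j in range(n + 1 - shift):
            c[j + shift] ^= b[j]       # c(x) += x^shift * b(x)
        if 2 * L <= i:
            L, m, b = i + 1 - L, i, t
    return c[:L + 1], L


def recovered_taps(c, L):
    """Tap positions implied by a connection polynomial from berlekamp_massey."""
    return [j for j in range(1, L + 1) if c[j]]


def predict(known, c, L, count):
    """Extend `known` by `count` bits using the recovered recurrence."""
    s = list(known)
    for _ in range(count):
        nxt = 0
        for j in range(1, L + 1):
            nxt ^= c[j] & s[-j]
        s.append(nxt)
    return s[len(known):]


def break_lfsr(taps, seed, observed, ahead):
    """Observe `observed` bits, recover the generator, predict `ahead` more."""
    stream = lfsr_bits(taps, seed, observed + ahead)
    c, L = berlekamp_massey(stream[:observed])
    guess = predict(stream[:observed], c, L, ahead)
    return {"degree": max(taps), "linear_complexity": L,
            "taps": recovered_taps(c, L),
            "prediction_correct": guess == stream[observed:]}


if __name__ == "__main__":
    print("16-bit LFSR period:", lfsr_period(TAPS16, SEED16))        # 65535
    print("16-bit, 32 bits seen:", break_lfsr(TAPS16, SEED16, 32, 168))
    print("56-bit, 112 bits seen:", break_lfsr(TAPS56, SEED56, 112, 400))
```

The 16-bit run shows the full 65535-step cycle, and Berlekamp-Massey hands back taps [11, 13, 14, 16] from only 32 bits; the 56-bit run shows that 112 bits suffice to predict the remaining stream, which is why comparing an LFSR's period to the DES keyspace overstates it. A cryptographic DRBG is equally deterministic given its seed, but its output is designed so that no such linear (or other efficient) recovery exists, which is the distinction the FIPS remark in the thread is getting at.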