Michael Sierchio wrote:

> No. We know what cryptographically useful random bitstreams are.

[snip]

> But you said it was "cryptographically secure" (not a term of art, btw).

Umm, yes, "cryptographically secure" is a term of art. It means that a hypothetical attacker with a specific set of information (generally everything but the seed) cannot predict the output using any mechanism significantly more efficient than brute force.

In any event, I'm curious. What do you think it is that makes bitstreams cryptographically useful? Could it be that they're secure?

> > This is, in fact, precisely correct. The man page says:

> Um, no mention of "truly" random. Ted T'so will chime in here...

Apparently you don't understand the relationship between true randomness and entropy.

> > If you don't know anything about an entire field, the least you
> > can do is keep your mouth shut.

> Good idea, David. You've demonstrated a depth of ignorance that
> is truly profound. Time to shut up. I noticed you skipped right over
> my citing your claim that RSA is irreversible.

RSA is reversible. I never claimed otherwise. What I said is:

"So /dev/random tries to provide truly random numbers while /dev/urandom tries to provide only cryptographically-secure pseudo-random numbers. It's as assured by the implementation as RSA assures that its operations are irreversible."

This is precisely correct. In both cases, the operations are possible in theory but impossible in practice -- by careful and deliberate design.

In principle, with no new entropy input, a person with enough output from /dev/urandom could predict the next output byte by brute forcing every possible initial seed state and finding the (likely only) one that produces that output stream. This is exactly the same as reversing RSA -- possible in theory but practical implementations are careful to make this impractical because it's a well-understood risk.

See if you can find anyone who knows anything about this field who agrees with you. I would be quite stunned.

DS

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List
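
The brute-force seed search described in the message above, as an added example that is not part of the original post and is not the /dev/urandom implementation: a hypothetical SHA-256 counter generator (`toy_stream`) with a deliberately tiny, constructed 16-bit seed shows that enough observed output pins down the seed and the next bytes, and that too little output leaves the search ambiguous. The expected work doubles with every added seed bit, which is why real generators use seed states large enough to make this search impractical.

```python
import hashlib
from typing import List, Optional

SEED_BITS = 16  # constructed: tiny on purpose so the exhaustive search finishes quickly


def toy_stream(seed: int, nbytes: int) -> bytes:
    """Hypothetical generator: concatenated SHA-256(seed || counter) blocks."""
    out = b""
    counter = 0
    while len(out) < nbytes:
        block = seed.to_bytes(16, "big") + counter.to_bytes(8, "big")
        out += hashlib.sha256(block).digest()
        counter += 1
    return out[:nbytes]


def recover_seeds(observed: bytes, seed_bits: int) -> List[int]:
    """Try every possible seed; keep those whose stream starts with `observed`."""
    return [s for s in range(1 << seed_bits)
            if toy_stream(s, len(observed)) == observed]


def predict_next(observed: bytes, seed_bits: int, n: int) -> Optional[bytes]:
    """Predict the next n bytes, or None if the observed output is not
    enough to single out exactly one seed."""
    candidates = recover_seeds(observed, seed_bits)
    if len(candidates) != 1:
        return None
    return toy_stream(candidates[0], len(observed) + n)[len(observed):]


def expected_trials(seed_bits: int) -> int:
    """Average number of seeds tried before hitting the right one."""
    return 2 ** (seed_bits - 1)


if __name__ == "__main__":
    secret = 0xBEEF                      # constructed seed, unknown to the searcher
    seen = toy_stream(secret, 8)         # 8 observed output bytes
    print("recovered seeds:", recover_seeds(seen, SEED_BITS))
    print("predicted next :", predict_next(seen, SEED_BITS, 4).hex())
    print("actual next    :", toy_stream(secret, 12)[8:].hex())
    # One observed byte matches many seeds, so no prediction is possible yet.
    print("1 byte seen    :", predict_next(seen[:1], SEED_BITS, 4))
    for bits in (16, 64, 128):
        print(f"{bits}-bit seed: about 2^{bits - 1} trials on average")
```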
