Gerd Schering wrote:
> So, if I get it right: we have a "true" random source to seed the PRNG
> and this produces "true" random numbers?

No. There is no such guarantee using any PRNG.

PRNGs provide a much higher bitrate than hardware RNGs or system sources of entropy. They use cryptographic hash functions to "whiten" data, i.e., these hash functions have the property that a change in a single bit of input changes, on average, half the output bits.

Presumably you want a source of nicely-distributed random bits which are computationally infeasible for another party to predict.

If you want a security guarantee (reduction proof that if PRNG is insecure, it implies SHA1 is insecure, etc.), then there are design and operational constraints to consider (e.g. generating only 2^N bits with 2^M bits of input from a RBG). Oh, and you'll have to supply the proof -- it's missing on all the commonly used PRNGs.

- Michael

______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
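
An added example, not part of the message above and not OpenSSL's code: it measures the SHA-1 avalanche property the reply describes, then shows that whitening does not create entropy. `toy_prng` is a constructed hash-counter generator assumed here for illustration only, and the sample input is constructed.

```python
import hashlib

SAMPLE = bytes(range(64))  # constructed 512-bit input

def hamming(a: bytes, b: bytes) -> int:
    """Number of differing bits between two equal-length byte strings."""
    return bin(int.from_bytes(a, "big") ^ int.from_bytes(b, "big")).count("1")

def mean_avalanche(msg: bytes) -> float:
    """Flip each input bit in turn; return the mean count of SHA-1 output bits that change."""
    base = hashlib.sha1(msg).digest()
    total = 0
    for i in range(len(msg) * 8):
        flipped = bytearray(msg)
        flipped[i // 8] ^= 1 << (i % 8)
        total += hamming(base, hashlib.sha1(bytes(flipped)).digest())
    return total / (len(msg) * 8)

def toy_prng(seed: bytes, nbytes: int) -> bytes:
    """Hypothetical generator: SHA-1(seed || counter) blocks, truncated to nbytes."""
    out, counter = b"", 0
    while len(out) < nbytes:
        out += hashlib.sha1(seed + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:nbytes]

def ones_fraction(data: bytes) -> float:
    """Fraction of 1 bits; close to 0.5 means the stream looks well distributed."""
    return bin(int.from_bytes(data, "big")).count("1") / (len(data) * 8)

def distinct_streams(seed_bits: int, nbytes: int = 32) -> int:
    """Count the different output streams reachable from a seed with seed_bits of entropy."""
    return len({toy_prng(s.to_bytes(4, "big"), nbytes) for s in range(2 ** seed_bits)})

if __name__ == "__main__":
    # About half of the 160 output bits change per single-bit input flip.
    print("mean bits changed:", mean_avalanche(SAMPLE))
    # The output looks balanced even with a fixed, fully known seed...
    print("ones fraction:", ones_fraction(toy_prng(b"\x00" * 4, 4096)))
    # ...but an 8-bit seed can only ever yield 2^8 streams, however long each is.
    print("streams from 8-bit seed:", distinct_streams(8))
```

The stream count is bounded by the seed entropy, not by the output length, which is why the reply ties any security claim to how many bits are generated per bit of RBG input.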