2010/12/21 Ted Unangst <ted.unan...@gmail.com>:
> You can analyze the numbers coming out of /dev/arandom if you like,

much easier than rewriting the code.

> but the scheme basically depends on the security of rc4, which is
> still widely used.  I realize this is proof by assertion, but if you
> could decode an rc4 stream, that'd be a big deal.

it's not about being able to decrypt rc4. It's about the quality of
the PRNG. As I said, I'm not a cryptographer, but quite some of those
guys will tell you that the quality of the PRNG is essential for the
quality of the whole encryption system (be it theoretically or
practically exploitable - see the link to the RSA page I posted).

So, yes, the rc4 scheme is widely used and for sure it's a good way to
generate pseudo-random numbers. The question is whether the actual code
implements it in the right way. In that context I was wondering why
the value of nanotime() is prepended to buf and whether that could cause
any problems.

As I said: it can mean absolutely nothing and maybe you guys should
not spend too much time on this issue. However, personally I will
neither trust my feelings nor my programming skills when it comes to
cryptography. One can't feel or see how code changes influence the
produced random values unless they are checked/tested.

Regards
Kurt Knochner

http://knochner.com/
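An added illustration of the kind of output check the thread mentions; it is not OpenBSD's arandom code and not code from either poster. It pairs a textbook RC4 keystream generator with a chi-square byte-frequency test, and the `seed_with_time_prefix` key layout is an assumption modelled on the question about nanotime() being prepended to buf. The point it makes is the caveat a reviewer would want: a zero-entropy key passes the frequency test just as well as a good one, so statistics on the output alone cannot tell you whether the seeding is sound.

```python
# Added illustration, not OpenBSD's arandom code: textbook RC4 plus a
# chi-square byte-frequency test, to show what an output-only statistical
# check can and cannot tell you about a PRNG's seeding.
import os
import struct
import time

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Textbook RC4: key-scheduling (KSA) then n bytes of keystream (PRGA)."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)

def chi_square_bytes(data: bytes) -> float:
    """Chi-square statistic of byte counts against a uniform distribution
    (255 degrees of freedom; about 293.25 is the 5% critical value)."""
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    expected = len(data) / 256
    return sum((c - expected) ** 2 / expected for c in counts)

def looks_uniform(data: bytes, critical: float = 293.25) -> bool:
    return chi_square_bytes(data) < critical

def seed_with_time_prefix(entropy: bytes) -> bytes:
    """Hypothetical key layout modelled on the thread's question (an assumption,
    not the real code): a nanosecond timestamp prepended to the entropy buffer."""
    return struct.pack("<Q", time.time_ns()) + entropy

if __name__ == "__main__":
    good = rc4_keystream(seed_with_time_prefix(os.urandom(32)), 1 << 16)
    # Constant all-zero key: every byte of this keystream is predictable...
    bad = rc4_keystream(b"\x00" * 32, 1 << 16)
    # ...yet both streams will (almost always) pass the frequency test, so
    # output statistics alone say nothing about seed entropy or about what
    # the prepended timestamp does or does not contribute.
    print(looks_uniform(good), looks_uniform(bad))
```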
