
Re: New PRNG method!



	The fact that something is complex does not mean your end of
it cannot be monitored.  You need to discover random numbers from
something very local to you, or your opponents can mess with your
numbers.  David Wagner posted something about how Mallet could muck
with your RNG if it was based on incoming packet checksums, back in
September.

	If you want good random numbers, track the mouse.  Don't go
looking outside your computer to things other computers do.

	Lastly, using collision-resistant hashing is considered
preferable to encrypting information.

Adam


Olcay Cirit wrote:

| If the internet is so huge and complex, why not, say, use
| the least significant bits of ping times from random internet
| hosts as seeds for a PRNG? (Practical Random Number Gen.)



| After all this, you could wash it with a secure symmetric
| cryptosystem such as IDEA in CBC mode.


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume
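The two points made above (seed from something local such as the mouse, and mix with a collision-resistant hash rather than a cipher) can be shown in a small entropy pool. The following is an added example written for this archive page, not code posted by either participant: it mixes constructed mouse events into a SHA-256 hash chain, credits only the low byte of each timestamp as entropy, and refuses to hand out a seed until a conservative min-entropy estimate reaches a threshold. The class name, the per-sample estimator and the 128-bit threshold are assumptions chosen for the demo; the event data is constructed, nothing is read from a real device.

```python
import hashlib
import math
import struct
from collections import Counter


class LocalEntropyPool:
    """Accumulate samples from a local input device (here: constructed mouse
    events) into a SHA-256 pool and release a seed only once a conservative
    entropy estimate says enough unpredictability has been collected.
    """

    def __init__(self, domain=b"constructed-demo-pool-v1"):
        # The pool state is a hash chain. Mixing is one-way, so earlier samples
        # cannot be recovered from the state and there is no key to protect,
        # which is the advantage of a hash over an invertible cipher here.
        self._state = hashlib.sha256(domain).digest()
        self._low_bytes = []  # the only part of each sample credited as entropy

    def add_mouse_event(self, x, y, t_ns):
        """Mix one (x, y, timestamp in ns) event into the pool."""
        sample = struct.pack(">iiQ", x, y, t_ns)
        self._state = hashlib.sha256(self._state + sample).digest()
        # Credit only the low byte of the timestamp: cursor position and the
        # high timestamp bits are easy to guess for anyone watching the user,
        # so they are mixed in but not counted.
        self._low_bytes.append(t_ns & 0xFF)

    def min_entropy_bits(self):
        """Conservative estimate: per-sample min-entropy -log2(p_max), summed
        over all samples, where p_max is the frequency of the commonest value."""
        n = len(self._low_bytes)
        if n == 0:
            return 0.0
        p_max = Counter(self._low_bytes).most_common(1)[0][1] / n
        return n * -math.log2(p_max)

    def seed(self, required_bits=128):
        """Return a 32-byte seed, or raise if the pool is still too predictable."""
        have = self.min_entropy_bits()
        if have < required_bits:
            raise ValueError(
                f"only ~{have:.0f} bits of estimated entropy, need {required_bits}"
            )
        # Domain-separated extraction: the pool state itself is never handed out.
        return hashlib.sha256(b"seed-extract|" + self._state).digest()


def demo_pool(low_bytes):
    """Build a pool from constructed events whose timestamps end in the given
    low bytes (hypothetical helper, used only to drive the demo)."""
    pool = LocalEntropyPool()
    for i, lb in enumerate(low_bytes):
        # Constructed event: cursor drifts one pixel per event; events are
        # 0.256 s apart (a multiple of 256 ns, so t_ns & 0xFF is exactly lb).
        pool.add_mouse_event(100 + i, 200 - i, i * 256_000_000 + lb)
    return pool


if __name__ == "__main__":
    jittery = demo_pool(list(range(64)))     # 64 distinct low bytes
    print("jittery source:", jittery.min_entropy_bits(), "bits ->",
          jittery.seed().hex())
    stuck = demo_pool([0x40] * 64)           # every timestamp ends the same way
    print("stuck source:", stuck.min_entropy_bits(), "bits")
    try:
        stuck.seed()
    except ValueError as exc:
        print("seed refused:", exc)
```

Running it shows the point of the thread: the same constructed events always yield the same seed, so a source an observer can reproduce (like ping times to public hosts) gives a reproducible seed no matter how much hashing is applied afterwards; the estimator only credits variation the observer is unlikely to see, and a source with none is refused rather than washed.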