[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: DIGEST-MD5 and {nonce,cnonce}



At 02:53 PM 10/25/99 -0500, Ed Carp wrote:
>> >Most UNIX implementations implement rand() and friends.  Even Solaris ;)
>> 
>> Rand(3) provides a sequence of psuedo-random numbers.  The
>> amount of entropy in these numbers cannot be greater than
>> the seed used to determine the sequence.
>> 
>> It is not appropriate to use rand(3) to obtain bits of
>> entropy.
>
>Why not, if properly seeded?

Because we're after bits of entropy (or disorder) and not a sequence of
highly ordered values such as offerred by rand(3).






----
Kurt D. Zeilenga		<kurt@boolean.net>
Net Boolean Incorporated	<http://www.boolean.net/>