
Re: DIGEST-MD5 and {nonce,cnonce}

On Mon, 25 Oct 1999, Ed Carp wrote:

> > At 12:32 PM 10/25/99 -0700, Kurt D. Zeilenga wrote:
> > >Rand(3) provides a sequence of pseudo-random numbers.  The
> > >amount of entropy in these numbers cannot be greater than
> > >the seed used to determine the sequence.
> > 
> > Poor wording:  The amount of entropy in the series of numbers
> > cannot be greater than the seed used to determine the
> > sequence.  That is, the numbers in the series are not independent.
> Even given different seeds?  If so, it's a piss-poor even "pseudo-" random
> generator.  

- It's meant for simulating things like die tossing, not for
cryptography. Generating "Truly" random numbers is a very difficult

>I can do better than that typing blind at the keyboard.

- Yes, that's entirely the point. 

> That would also throw out the idea of feeding the output of rand() to MD5.

- Very wise. If you're really interested in the whys and wherefores
of how to generate entropy, I suggest you read Bruce Schneier's
Applied Cryptography.

- Generally, any scheme that uses a PRNG to produce suitable
entropy is highly suspect (even if you only use it as an index
into other data).

- Booker C. Bense
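
An added illustration of the point argued in this message (this is not
part of the original post, nor code from any DIGEST-MD5 implementation).
Python's random module stands in for rand(3): both are deterministic
PRNGs whose whole output stream is fixed by the seed. The server side
below seeds from a small value and then hashes the PRNG output with MD5
to make a nonce; the attacker side shows that the MD5 step adds no
entropy, because the nonce is still a function of the seed alone and
the seed space can simply be enumerated. The 16-bit seed space is an
assumption chosen so the search finishes quickly; the contrast function
uses the OS CSPRNG, which is the standard fix.

```python
import hashlib
import random
import secrets
from typing import List, Optional

# Assumed for the illustration: the server seeds its PRNG from something
# with only 16 bits of variation (a pid, the low bits of time(), ...).
SEED_BITS = 16


def nonce_stream(seed: int, count: int) -> List[str]:
    """Server side, as criticised in the thread: seed a PRNG once, then for
    every nonce take 128 bits of PRNG output and run them through MD5.
    random.Random(seed) plays the role of srand(seed); getrandbits() the
    role of rand()."""
    rng = random.Random(seed)
    nonces = []
    for _ in range(count):
        raw = b"".join(rng.getrandbits(32).to_bytes(4, "big") for _ in range(4))
        nonces.append(hashlib.md5(raw).hexdigest())
    return nonces


def recover_seed(first_nonce: str, seed_bits: int = SEED_BITS) -> Optional[int]:
    """Attacker side: the nonce is a deterministic function of the seed, so
    hashing with MD5 did not add any entropy. Reproduce the server's
    pipeline for every possible seed and stop when the nonce matches."""
    for seed in range(1 << seed_bits):
        if nonce_stream(seed, 1)[0] == first_nonce:
            return seed
    return None


def predict_following(first_nonce: str, count: int,
                      seed_bits: int = SEED_BITS) -> Optional[List[str]]:
    """Once the seed is known the attacker holds the same PRNG state as the
    server and can name the next `count` nonces before they are issued."""
    seed = recover_seed(first_nonce, seed_bits)
    if seed is None:
        return None
    return nonce_stream(seed, count + 1)[1:]


def good_nonce() -> str:
    """The contrast: draw the nonce from the OS CSPRNG. There is no seed to
    brute-force and no PRNG state to recover."""
    return secrets.token_hex(16)


if __name__ == "__main__":
    # Constructed scenario: the server happened to seed with 0xBEEF.
    server_nonces = nonce_stream(0xBEEF, 4)
    print("observed nonce :", server_nonces[0])
    print("recovered seed :", hex(recover_seed(server_nonces[0])))
    print("predicted next :", predict_following(server_nonces[0], 3))
    print("actual next    :", server_nonces[1:])
    print("CSPRNG nonce   :", good_nonce())
```

The brute force costs 2^16 PRNG seedings plus MD5s, well under a
second; the hash only hides which seed was used, it does not enlarge the
set of nonces the server can possibly emit, which is exactly the
"entropy cannot exceed the seed" statement above.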