Hi,

Andy Smith wrote:
> https://www.2uo.de/myths-about-urandom/#experts

So it is about how Daniel Bernstein justifies his claim that it is wrong to say:
"we can't figure out how to deterministically expand one 256-bit /dev/random output into an endless stream of unpredictable keys (this is what we need from urandom),"
and right to conclude:
"For a cryptographer this doesn't even pass the laugh test."

How do cryptographers manage to get this miraculous growth of information if the only secret is the 256 bits of /dev/random output? Why would I need more than 2 exp 256 tries to guess the whole stream?

(I don't point out that this refers to /dev/random as source of /dev/urandom, because I assume that this is only rhetorical to illustrate the more general question. Further, I understand that Linux changes the key in the time range of minutes. This seems to be a much stronger precaution than just a single key.)

(And again, it's not about IT but about math. In practice 2 exp 256 or 2 exp 384 are enormous numbers. Nevertheless, being sloppy in math can bite you in practice.)

Have a nice day :)

Thomas
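The construction the quoted claim is about, as an added example that is not part of Thomas's message, Bernstein's text, or any kernel's code: a 256-bit seed is used as the key of a PRF (HMAC-SHA-256 here) applied to a running counter, which is the generic counter-mode expansion behind HKDF-Expand and NIST's CTR_DRBG. There is no growth of information: the whole stream is a deterministic function of the seed, so an attacker who guesses the seed gets the stream, and that is exactly why 2^256 guesses are the upper bound on the attack. The `KeyStream` class and the tiny-seed brute force are illustrative additions (the periodic key replacement Thomas mentions is modelled as a ratchet plus reseed; this is the idea, not the Linux implementation).

```python
"""Deterministically expand one 256-bit seed into an endless stream of keys."""
import hashlib
import hmac
import os

SEED_BYTES = 32   # 256 bits: the single secret in the quoted claim
KEY_BYTES = 32    # size of each derived key


def expand(seed: bytes, n_keys: int) -> list:
    """Counter-mode PRF expansion: key i = HMAC-SHA-256(seed, i).
    n_keys can be as large as you like; nothing in the construction runs out."""
    if len(seed) != SEED_BYTES:
        raise ValueError("seed must be exactly 256 bits")
    return [
        hmac.new(seed, i.to_bytes(8, "big"), hashlib.sha256).digest()[:KEY_BYTES]
        for i in range(n_keys)
    ]


class KeyStream:
    """Stateful generator with key erasure: the state that produced a key is
    overwritten right after use, so a later compromise of the state does not
    reveal keys already handed out. reseed() mixes fresh entropy in.
    Illustrative model of 'the kernel replaces its key periodically',
    not a copy of any kernel's generator."""

    def __init__(self, seed: bytes):
        if len(seed) != SEED_BYTES:
            raise ValueError("seed must be exactly 256 bits")
        self._state = seed
        self.keys_issued = 0

    def next_key(self) -> bytes:
        # Two PRF outputs per step: one is the key, the other becomes the new state.
        key = hmac.new(self._state, b"key", hashlib.sha256).digest()
        self._state = hmac.new(self._state, b"ratchet", hashlib.sha256).digest()
        self.keys_issued += 1
        return key

    def reseed(self, fresh_entropy: bytes) -> None:
        # Predicting the new state requires the old state AND the fresh entropy.
        self._state = hmac.new(self._state, b"reseed" + fresh_entropy,
                               hashlib.sha256).digest()


def guess_cost_bits(seed_bytes: int = SEED_BYTES) -> int:
    """Work for the generic attack: guess the seed, recompute the stream.
    The stream is never harder than the seed; for an ideal PRF it is no easier."""
    return 8 * seed_bytes


def _pad_seed(small_seed: int) -> bytes:
    """Embed a deliberately tiny seed into the 256-bit seed space (zero padded)."""
    return small_seed.to_bytes(SEED_BYTES, "big")


def brute_force_seed(first_key: bytes, seed_bits: int) -> int:
    """Recover a seed of only seed_bits bits from one output key by trying all
    2**seed_bits candidates. With 256-bit seeds the same loop needs 2**256 steps,
    which is the entire argument: the stream is exactly as strong as the seed."""
    for candidate in range(1 << seed_bits):
        if expand(_pad_seed(candidate), 1)[0] == first_key:
            return candidate
    raise ValueError("no seed found; seed_bits too small for the real seed")


def demo() -> dict:
    seed = os.urandom(SEED_BYTES)
    stream_a = expand(seed, 1000)
    stream_b = expand(seed, 1000)          # same seed -> identical endless stream
    ks = KeyStream(seed)
    k1, k2 = ks.next_key(), ks.next_key()
    ks.reseed(os.urandom(32))
    tiny = 0x0ABC                          # 16-bit seed: trivially recoverable
    recovered = brute_force_seed(expand(_pad_seed(tiny), 1)[0], 16)
    return {"deterministic": stream_a == stream_b, "k1_ne_k2": k1 != k2,
            "recovered_tiny_seed": recovered == tiny,
            "cost_bits": guess_cost_bits()}


if __name__ == "__main__":
    print(demo())
```

The tiny-seed brute force is there to make the arithmetic concrete: shrink the seed to 16 bits and one output key identifies it after at most 65536 PRF calls; keep the seed at 256 bits and the same loop is the 2^256 work factor Thomas asks about. Nothing about the length of the output stream changes that bound.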