On 2020-04-20 21:56:43 +0200, Arnt Gulbrandsen wrote:
> I chose to hash in a similar situation. Basically I pass the entire message
> through MD5 or another hash, then base64.
>
> A proper hash (even MD5) is indistinguishable from pure randomness if you
> have no knowledge of the input, and hashing needs only the message. Random
> numbers require a source of entropy, which every host should have but I was
> less than confident that that was the case.
>
> So I chose to hash.
>
> Hashing has its weaknesses. This approach makes the message-id guessable to
> anyone who has the message content and other header fields, for example. I
> thought that problem minor.

Yes, a minor problem, but note that using a random number (say on 64
bits or 128 bits) could avoid that if needed. In this context, the
PRNG does not need to be cryptographically strong, so that no
additional entropy would be needed.

-- 
Vincent Lefèvre <vinc...@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
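
The two approaches discussed in this thread, side by side, as an added example that is not code from either poster: a Message-ID derived from a hash of the message and one derived from a random number. The function names, the `example.org` domain, the choice of SHA-256 as the "other hash" and the sample message are assumptions made for illustration.

```python
import base64
import hashlib
import random

# Constructed sample message (not taken from the thread).
SAMPLE = (
    "From: alice@example.org\n"
    "To: bob@example.org\n"
    "Subject: lunch\n"
    "Date: Mon, 20 Apr 2020 21:56:43 +0200\n"
    "\n"
    "See you at noon.\n"
)


def _token(raw: bytes) -> str:
    """Base64 (URL-safe alphabet) with the '=' padding stripped."""
    return base64.urlsafe_b64encode(raw).decode("ascii").rstrip("=")


def hashed_message_id(message_text: str, domain: str, algorithm: str = "sha256") -> str:
    """Hash approach: needs only the message, no entropy source."""
    digest = hashlib.new(algorithm, message_text.encode("utf-8")).digest()
    return f"<{_token(digest)}@{domain}>"


def random_message_id(domain: str, bits: int = 128, rng=random) -> str:
    """Random approach: 64 or 128 bits from a PRNG (here the standard
    library's non-cryptographic one, as the reply suggests)."""
    raw = rng.getrandbits(bits).to_bytes(bits // 8, "big")
    return f"<{_token(raw)}@{domain}>"


def can_recompute(message_text: str, domain: str, observed_id: str) -> bool:
    """The weakness named in the thread: whoever holds the message content
    and header fields can derive a hash-based Message-ID themselves."""
    return hashed_message_id(message_text, domain) == observed_id


if __name__ == "__main__":
    hashed = hashed_message_id(SAMPLE, "example.org")
    rand = random_message_id("example.org")
    print("hash-based :", hashed, "recomputable:", can_recompute(SAMPLE, "example.org", hashed))
    print("random     :", rand, "recomputable:", can_recompute(SAMPLE, "example.org", rand))
```

Because the hash-based id is a pure function of its input, two messages with byte-identical content and header fields also receive the same Message-ID.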