I said it is an RNG, not cryptographic RNG. By adding current time source, however crude, and doing a sha1/md5, why should it not be cryptoPRNG? What properties should I look for?
-----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Victor Duchovni Sent: Tuesday, March 30, 2010 9:53 PM To: [email protected] Subject: Re: Random Numbers On Tue, Mar 30, 2010 at 07:43:39PM -0700, P Kamath wrote: > At one point of time, we had used tt800.c random number generator (available > on the net - a small file sized 2kB), and sha'd or md5'd the output into a > stream. From the output, we filtered out weak keys, if any. I hope nobody else does anything similar. tt800 is NOT a cryptographic PRNG. -- Viktor. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [email protected] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [email protected]
