Reply to post: Round and round we go

Boffin: Dump hardware number generators for encryption and instead look within


Round and round we go

Early versions of Netscape's SSL used a "random" seed derived from the time of day, the process ID, and the parent process ID. It seemed like a good idea, but needless to say researchers were able to guess the encryption keys and everyone was recommended to use hardware random number generators. Adding more seed variables helps but I remain dubious as it is inherently repeatable. I prefer to trust a simple hardware random number generator that uses something like diode noise which is random down at the physics level.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019