Re: Good Program That Creates OTPs?
From: Matthew Skala (mskala_at_ansuz.sooke.bc.ca)
Date: 14 Dec 2003 11:00:55 -0500
In article <Y3VydHdpbGwfirstname.lastname@example.org>,
Hillary Clinton <email@example.com> wrote:
>Janet managed to get her finger out of my twat long enough to tell me that
>/dev/random is a PRNG- whatever that is. She said that's what Bill depended
/dev/random and /dev/urandom are the output ports of an entropy-pool true
random number generator similar in design to Counterpane's Yarrow.
/dev/random is the one that blocks in order to only output as much
randomness as is available; its output should be considered truly random.
/dev/urandom is more like a PRNG.
>Do a google search and you'll find a mechanism to create your own random
>stream using a simple Geiger counter and a luminous dial from a watch or
I'd trust /dev/random, which has been examined by a lot of people, in
preference to something homemade. One could combine the two,
though, by building the Geiger-counter device and feeding its output into
the /dev/random entropy pool. The resulting construction would be at
least as secure as /dev/urandom (assuming the Geiger-counter
device's output is completely insecure) and also at least as secure as
the Geiger-counter device's output (assuming the other inputs to
/dev/random are insecure). That's almost certainly secure enough.
>I'm not certain why you only need to randomize the numbers between 0 and
>9999, or whatever.
It was not me who wanted to do that.
>Here's another idea for you. Download both a 10 meg file and a one meg file.
>Hash the 1 meg file after adding a large phrase as salt. Then use the output
>from SHA-512 as the encryption key to create the pad. You didn't start off
>with a secret file, but I bet it's pretty random and secret by now.
A file downloaded from the Net is not secret. The hash of such a
file is not secret. You can't take public numbers and turn them into
something "random and secret" by applying a public, deterministic
function. The procedure you describe is not secure, and you know
-- Matthew Skala firstname.lastname@example.org Embrace and defend. http://ansuz.sooke.bc.ca/
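The two points the reply makes, that mixing a homemade source into an existing pool cannot make the result weaker than the better input, and that a deterministic hash of public data is still public, can both be shown in code. What follows is an added example and is not part of the original post or anything its author published. The "public file", the stuck-at-zero weak source, the candidate phrases and the message are constructed test inputs; `feed_pool` assumes a Linux-style world-writable /dev/random and simply returns False where that is absent.

```python
import hashlib
import os

# Constructed sample inputs (not from the post): a "public file" anyone can
# download, and a weak entropy source whose output an attacker could know.
PUBLIC_FILE = b"GNU GENERAL PUBLIC LICENSE Version 2, June 1991 ..." * 8
WEAK_SOURCE = bytes(32)  # e.g. a broken Geiger-counter board stuck at zero


def mix_sources(*sources: bytes) -> bytes:
    """Fold independent sources into one 64-byte seed with SHA-512.

    Each source is length-prefixed so (b"ab", b"c") and (b"a", b"bc") do not
    collide.  If any one source is unpredictable to the attacker, so is the
    digest; a known or constant source changes nothing about that.  This is the
    property that makes feeding a homemade device into /dev/random safe.
    """
    h = hashlib.sha512()
    for s in sources:
        h.update(len(s).to_bytes(8, "big"))
        h.update(s)
    return h.digest()


def feed_pool(sample: bytes, device: str = "/dev/random") -> bool:
    """Stir raw device output into the kernel pool (Linux; assumption).

    Writing to /dev/random mixes the bytes in without crediting entropy, so an
    unprivileged writer cannot make the pool worse.  Crediting needs the
    RNDADDENTROPY ioctl as root, deliberately not done here.
    Returns False if the device cannot be opened.
    """
    try:
        fd = os.open(device, os.O_WRONLY)
    except OSError:
        return False
    try:
        os.write(fd, sample)
    finally:
        os.close(fd)
    return True


def pad_from_public(public_file: bytes, phrase: bytes, n: int) -> bytes:
    """The quoted recipe: SHA-512 of phrase||file, expanded in counter mode.

    Every input is either public or guessable, and the function is
    deterministic, so anyone can recompute the same 'pad'.
    """
    key = hashlib.sha512(phrase + public_file).digest()
    out = bytearray()
    ctr = 0
    while len(out) < n:
        out += hashlib.sha512(key + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return bytes(out[:n])


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def attacker_recovers(ciphertext: bytes, public_file: bytes, guesses, known_prefix: bytes):
    """Recompute the pad for each candidate phrase and keep the one that
    makes the plaintext start with an expected header.  Returns
    (phrase, plaintext) or None."""
    for phrase in guesses:
        pt = xor(ciphertext, pad_from_public(public_file, phrase, len(ciphertext)))
        if pt.startswith(known_prefix):
            return phrase, pt
    return None


if __name__ == "__main__":
    # Same constant weak input both times; the strong input alone decides the output.
    a = mix_sources(WEAK_SOURCE, os.urandom(32))
    b = mix_sources(WEAK_SOURCE, os.urandom(32))
    print("mixed seeds differ despite identical weak source:", a != b)
    print("fed sample into pool:", feed_pool(os.urandom(32)))
    msg = b"MESSAGE: attack at dawn"
    ct = xor(msg, pad_from_public(PUBLIC_FILE, b"my large phrase", len(msg)))
    print(attacker_recovers(ct, PUBLIC_FILE, [b"password", b"my large phrase"], b"MESSAGE:"))
```

The only thing standing between the attacker and the pad in `pad_from_public` is the salt phrase, so the construction is exactly as strong as a password and no stronger; the downloaded file and the hash add nothing. By contrast `mix_sources` shows why the reply is comfortable combining sources: the constant weak input is present in every call, yet the digest is driven entirely by whichever input the attacker does not know.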