Re: generating a nonce
 From: "Antony Clements" <antony.clements@xxxxxxxxxxxxxxx>
 Date: Tue, 7 Nov 2006 09:32:32 +1100
> I guess the real answer depends on what you want to use
> the nonce for, but assuming that you want the full security
> of a nonce that is unpredictable in advance, this won't do it.
> The problem is that the bad guy can predict the inputs to the
> VB RNG, then run the predicted outputs through the (presumed known)
> secure RNG. Even though you might have a long nonce, it still has a very
> small entropy.

The nonce is concatenated to the passphrase for the encryption sequence.
Without the nonce the ciphertext will not decrypt properly.
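
The entropy point raised in the quoted text, as an added example that is not part of the original thread: a nonce built by hashing the output of a seed-determined generator is 256 bits long but can take no more values than there are seeds. The toy LCG (a stand-in, not VB's actual RNG), the 16-bit seed space, the sample seed and all function names are assumptions made for the demonstration.

```python
import hashlib
import math
import secrets

SEED_BITS = 16  # assumed size of the guessable seed space (constructed for the demo)

def toy_rng_bytes(seed: int, steps: int = 4) -> bytes:
    """Stand-in for a non-cryptographic RNG: an LCG fully determined by its seed."""
    state = seed
    out = bytearray()
    for _ in range(steps):
        state = (state * 1103515245 + 12345) % 2**31
        out += state.to_bytes(4, "big")
    return bytes(out)

def weak_nonce(seed: int) -> bytes:
    """Weak RNG output passed through a hash: long, but still a function of the seed."""
    return hashlib.sha256(toy_rng_bytes(seed)).digest()

def strong_nonce() -> bytes:
    """Nonce drawn directly from the operating system CSPRNG."""
    return secrets.token_bytes(32)

def find_seed(nonce: bytes, seed_bits: int = SEED_BITS):
    """Return the seed that reproduces `nonce`, or None if no seed in the space does."""
    for seed in range(2**seed_bits):
        if weak_nonce(seed) == nonce:
            return seed
    return None

def max_entropy_bits(seed_bits: int = SEED_BITS) -> float:
    """log2 of the number of distinct nonces the weak construction can ever emit."""
    distinct = len({weak_nonce(s) for s in range(2**seed_bits)})
    return math.log2(distinct)

if __name__ == "__main__":
    nonce = weak_nonce(0x2B67)  # constructed sample seed
    print(len(nonce) * 8, "bit nonce, reproduced from seed", hex(find_seed(nonce)))
    print("entropy of the weak nonce is at most", max_entropy_bits(), "bits")
    print("CSPRNG nonce reproducible from a seed:", find_seed(strong_nonce()) is not None)
```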
