Re: generating a nonce



I guess the real answer depends on what you want to use
the nonce for, but assuming that you want the full security
of a nonce that is unpredictable in advance, this won't do it.
The problem is that the bad guy can predict the inputs to the
VB RNG, then run the predicted outputs through the (presumed known)
secure RNG. Even though you might have a long nonce, it still has a very
small entropy.

the nonce is concatenated to the passphrase for the encryption sequence.
without the nonce the ciphertext will not decrypt properly.


.