# Re: generating a nonce

*From*: "Antony Clements" <antony.clements@xxxxxxxxxxxxxxx>

*Date*: Tue, 7 Nov 2006 09:32:32 +1100

I guess the real answer depends on what you want to use the nonce for, but assuming that you want the full security of a nonce that is unpredictable in advance, this won't do it. The problem is that the bad guy can predict the inputs to the VB RNG, then run the predicted outputs through the (presumed known) secure RNG. Even though you might have a long nonce, it still has a very small entropy.

The nonce is concatenated to the passphrase for the encryption sequence. Without the nonce the ciphertext will not decrypt properly.
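The entropy argument in the message above, as an added example that is not part of the original thread: a 32-byte nonce built by passing a guessable seed through a public pipeline carries only as many bits as the seed. Assumptions: Python's `random.Random` stands in for the VB RNG, SHA-256 stands in for the "secure RNG", and the 16-bit seed space is a constructed value.

```python
import hashlib
import random
import secrets

# Constructed assumption: the seed fed to the weak RNG has only 16 guessable bits
# (for example a coarse timer value). The real figure depends on the system.
SEED_BITS = 16


def weak_nonce(seed: int, length: int = 32) -> bytes:
    """Nonce that looks long but is fully determined by a small seed."""
    rng = random.Random(seed)                      # stand-in for the VB RNG
    raw = rng.getrandbits(64).to_bytes(8, "big")   # predictable once the seed is known
    return hashlib.sha256(raw).digest()[:length]   # stand-in for the "secure RNG" stage


def strong_nonce(length: int = 32) -> bytes:
    """Nonce drawn directly from the operating system CSPRNG."""
    return secrets.token_bytes(length)


def entropy_bound_bits(nonce_len: int, seed_bits: int) -> int:
    """Upper bound on nonce entropy: it cannot exceed the entropy of its input."""
    return min(8 * nonce_len, seed_bits)


def recover_seed(nonce: bytes, seed_bits: int = SEED_BITS):
    """Replay every possible seed through the same known pipeline.

    Returns the seed that reproduces the nonce, or None if no seed does.
    """
    for seed in range(1 << seed_bits):
        if weak_nonce(seed, len(nonce)) == nonce:
            return seed
    return None


if __name__ == "__main__":
    n = weak_nonce(40000)
    print("weak nonce  :", n.hex())
    print("entropy cap :", entropy_bound_bits(len(n), SEED_BITS), "bits")
    print("seed found  :", recover_seed(n))
    s = strong_nonce()
    print("strong nonce:", s.hex())
    print("seed found  :", recover_seed(s))
```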
