Of the use of unpredictableSeed

cym13 via Digitalmars-d digitalmars-d at puremagic.com
Sun Feb 26 11:00:40 PST 2017


On Sunday, 26 February 2017 at 18:33:08 UTC, ketmar wrote:
> cym13 wrote:
>
>> Hi,
>>
>> I found many times that people use unpredictableSeed in 
>> combination with normal PRNG for cryptographic purpose. Some 
>> even go as far as reseeding at each call to try making it more 
>> secure.
>>
>> It is a dangerous practice: most PRNGs are not designed with 
>> security (and unpredictability) in mind, and unpredictableSeed 
>> was definitely not designed with security in mind (or it 
>> failed heavily at it). It's a good tool when one needs 
>> randomness, not security.
>>
>> I wrote a blog post to present exactly why this is a bad idea 
>> and how it could be exploited [1].
>>
>> The best would be to add a standard CSPRNG interface to Phobos 
>> but we aren't there yet.
>>
>> [1]: https://cym13.github.io/article/unpredictableSeed.html
>
> "like /dev/random on Linux"
> (sighs) it was so good until this...

That's a typo actually; I meant urandom. I'll correct it.
Actually it would be better not to use urandom directly but to use 
it as a source to regularly reseed another PRNG in order to avoid 
some warts, but meh. As a first step it's good enough as it is.
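The contrast the thread draws, as an added example that is not code from the post or from Phobos itself: the `weakToken` pattern is the one the original message warns about (a statistical generator seeded from `unpredictableSeed`), and `urandomBytes` is the "good enough first step" of the reply, reading straight from the kernel CSPRNG. It assumes a Linux-like system with `/dev/urandom` and a standard Phobos `std.random`; the function names and the 16-byte token size are the example's own choices.

```d
import std.digest : toHexString;
import std.exception : enforce;
import std.random : Mt19937, unpredictableSeed, uniform;
import std.stdio : File, writeln;

// The pattern the thread warns about: a statistical generator (Mersenne
// Twister) seeded from unpredictableSeed. Fine for simulations, not for
// secrets: the seed source was not designed to resist guessing, and the
// generator's internal state can be recovered from its outputs.
uint weakToken()
{
    auto rng = Mt19937(unpredictableSeed);
    return uniform!uint(rng);
}

// The reply's first-step fix: take the bytes straight from the kernel's
// CSPRNG. Returns exactly n bytes or throws on a short read, so a caller
// can never silently get fewer random bytes than it asked for.
ubyte[] urandomBytes(size_t n)
{
    auto f = File("/dev/urandom", "rb");   // assumption: Linux-style device
    auto buf = new ubyte[n];
    auto got = f.rawRead(buf);             // slice of what was actually read
    enforce(got.length == n, "short read from /dev/urandom");
    return got;
}

// Example consumer (hypothetical): a 128-bit session token, hex-encoded.
string sessionToken()
{
    return toHexString(urandomBytes(16));
}

void main()
{
    writeln("weak token (not for secrets): ", weakToken());
    writeln("token from /dev/urandom:      ", sessionToken());
}
```

On the reply's remark about reseeding another PRNG from urandom: that only helps if the reseeded generator is itself a cryptographic one. Reseeding `Mt19937` from `/dev/urandom` does not change how recoverable its state is from observed outputs, so until Phobos has a CSPRNG interface, reading the bytes directly as above is the safer choice.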
