The Cryptography Team implemented a completely different generator, but I can't get the packages to load in 3.10.2 to look at in detail, and it's been a couple of years since I last dinked around with it.
-- T
On Tue, Aug 5, 2008 at 5:18 PM, Randal L. Schwartz merlyn@stonehenge.com wrote:
"Jerome" == Jerome Peace peace_the_dreamer@yahoo.com writes:
Jerome> The objection Randal raised is that now it is using too many.
Jerome> That's IMO a red herring.
No, it's not. Multiple calls to a PRNG generate correlated numbers, which can be used for an attack.
You need to use a PRNG that in a single call gives enough bits. And if you don't know that about PRNGs, you're not the one to be fixing this.
I talked about it in terms of entropy because that's the easiest way to see that you're not gaining anything except the illusion of gain, which will bite back some day. You can't get 112 bits of entropy by calling a 56-bit PRNG twice.
It's not progress if it breaks it.
--
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
merlyn@stonehenge.com URL:http://www.stonehenge.com/merlyn/
Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc.
See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion
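A scaled-down illustration of the entropy argument in the quoted message, added here and not part of the original thread or of Squeak's code. A constructed toy generator with a 16-bit state stands in for the 56-bit PRNG; `ToyPrng`, `wide_value`, `predict_low_half` and the LCG constants are assumptions made for the example.

```python
import math

# Constructed toy model: 16-bit state instead of 56 bits, so the whole
# seed space can be enumerated in a fraction of a second.
STATE_BITS = 16
MASK = (1 << STATE_BITS) - 1
A, C = 25173, 13849  # full-period LCG constants mod 2**16 (A % 4 == 1, C odd)


class ToyPrng:
    """Hypothetical generator whose every call returns its whole state."""

    def __init__(self, seed):
        self.state = seed & MASK

    def next(self):
        self.state = (self.state * A + C) & MASK
        return self.state


def wide_value(seed):
    """Glue two consecutive 16-bit outputs into one 32-bit value."""
    g = ToyPrng(seed)
    hi = g.next()
    lo = g.next()
    return (hi << STATE_BITS) | lo


def distinct_wide_values():
    """Count how many different 32-bit values can ever be produced."""
    return len({wide_value(seed) for seed in range(1 << STATE_BITS)})


def entropy_bits():
    """Upper bound on entropy of the 32-bit value, in bits."""
    return math.log2(distinct_wide_values())


def predict_low_half(hi):
    """The second output is a fixed function of the first: no seed needed."""
    return (hi * A + C) & MASK


if __name__ == "__main__":
    print("bits in output :", 2 * STATE_BITS)
    print("distinct values:", distinct_wide_values())
    print("entropy (bits) :", entropy_bits())
```

The 32-bit result can take only 2^16 values, so it carries 16 bits of entropy no matter how many calls are concatenated, and the second half is fully determined by the first.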