[Newbies] Re: Tim's Fix for LargeInteger>>AtRandom

Cerebus cerebus2 at gmail.com
Wed Aug 6 02:03:40 UTC 2008


The Cryptography Team implemented a completely different generator,
but I can't get the packages to load in 3.10.2 to look at in detail,
and it's been a couple of years since I last dinked around with it.

-- T

On Tue, Aug 5, 2008 at 5:18 PM, Randal L. Schwartz
<merlyn at stonehenge.com> wrote:
>>>>>> "Jerome" == Jerome Peace <peace_the_dreamer at yahoo.com> writes:
>
> Jerome> The objection Randal raised is that now it is using too many.
> Jerome> That's IMO a red herring.
>
> No, it's not.  Multiple calls to a PRNG generate correlated numbers,
> which can be used for an attack.
>
> You need to use a PRNG that in a single call gives enough bits.  And
> if you don't know that about PRNGs, you're not the one to be fixing this.
>
> I talked about it in terms of entropy because that's the easiest way to see
> that you're not gaining anything except the illusion of gain, which will bite
> back some day.  You can't get 112 bits of entropy by calling a 56-bit PRNG
> twice.
>
> It's not progress if it breaks it.
>
> --
> Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
> <merlyn at stonehenge.com> <URL:http://www.stonehenge.com/merlyn/>
> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc.
> See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion
> _______________________________________________
> Beginners mailing list
> Beginners at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/mailman/listinfo/beginners
>
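The point Randal makes above, that two calls to a small-state PRNG cannot yield more entropy than the generator's state holds and that the second output is correlated with (here, fully determined by) the first, can be shown with a toy generator. The following is an added example written for this archive page; it is not code from the thread, from Squeak, or from the Cryptography Team package. It uses a constructed 16-bit linear congruential generator (constants A and C chosen for full period) in place of the hypothetical 56-bit PRNG so that every seed can be enumerated, and contrasts it with a single call to a CSPRNG that returns all the bits at once.

```python
"""Added example: why concatenating two PRNG outputs does not double entropy.

A 16-bit LCG stands in for the "56-bit PRNG" of the discussion. Its state
and its output are the same value, so once the first output is known the
second is a deterministic function of it. Constants are constructed here.
"""
import math
import secrets

STATE_BITS = 16
MOD = 1 << STATE_BITS
# Full-period LCG mod 2^16: multiplier = 1 (mod 4), increment odd (Hull-Dobell).
A = 77
C = 12345


class ToyLCG:
    """Minimal linear congruential generator; the whole state is the output."""

    def __init__(self, seed: int) -> None:
        self.state = seed % MOD

    def next_bits(self) -> int:
        self.state = (A * self.state + C) % MOD
        return self.state


def naive_wide_random(seed: int) -> int:
    """The pattern under discussion: build a 32-bit value from two 16-bit calls."""
    gen = ToyLCG(seed)
    hi = gen.next_bits()
    lo = gen.next_bits()
    return (hi << STATE_BITS) | lo


def predict_low_half(hi: int) -> int:
    """Given the first output, compute what the second output must be.

    This is the correlation Randal refers to: the 'extra' 16 bits carry no
    information that was not already present in the first 16.
    """
    return (A * hi + C) % MOD


def count_distinct_outputs() -> int:
    """Enumerate every seed and count distinct 32-bit results."""
    return len({naive_wide_random(s) for s in range(MOD)})


def effective_entropy_bits() -> int:
    """log2 of the number of reachable 32-bit values: the real entropy bound."""
    return int(math.log2(count_distinct_outputs()))


def secure_wide_random(nbits: int) -> int:
    """A single call to a CSPRNG that returns the full width requested."""
    return secrets.randbits(nbits)


if __name__ == "__main__":
    sample = naive_wide_random(4242)
    hi, lo = sample >> STATE_BITS, sample & (MOD - 1)
    print(f"32-bit value {sample:#010x}: low half predicted from high half -> "
          f"{predict_low_half(hi) == lo}")
    print(f"distinct 32-bit outputs over all seeds: {count_distinct_outputs()} "
          f"(~{effective_entropy_bits()} bits, not 32)")
    print(f"secrets.randbits(112) -> {secure_wide_random(112):#x}")
```

With a 56-bit generator the seed space cannot be enumerated this way, but the structure is identical: two calls give at most 2^56 distinct 112-bit values, and knowing the first call's output pins down the second. For a cryptographic use the fix is the one Randal states, a generator (such as the OS CSPRNG behind `secrets`) that returns the required number of bits in one call.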