Randomness

Ben Laurie ben at algroup.co.uk
Fri May 9 07:45:45 EDT 2003


Paul Onions wrote:
> On Thursday 08 May 2003 3:07 pm, Ben Laurie wrote:
> 
>>It was my intention, and perhaps I should make it clearer, that the only
>>difference between insecureprng() and the other PRNGs is the source of
>>entropy. Hence, it does not leak state any more than the rest do.
>>Clearly if the insecureprng() uses a cryptographically weak algorithm
>>then it cannot share state.
> 
> 
> Oh okay.  But a small doubt still remains - is a secure-PRNG still a
> secure-PRNG when multiple instantiations are run in parallel and (at least
> partially) sharing the same state information?

If they are literally parallel, then no, because they would produce the
same output if run simultaneously, and that's obviously bad. However,
what you'd fairly obviously do is lock the state so that they are
actually run serially, and then they behave like a single instantiation.

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
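An added illustration of the point in the reply above (constructed for this page, not code from the thread or from any real PRNG library): a toy HMAC-counter generator whose state is shared. Two uncoordinated copies of the same state emit identical blocks; several threads that advance the state under one lock together produce exactly the stream a single instantiation would. The class and function names are assumptions for the example.

```python
import hashlib
import hmac
import threading


class SharedPrng:
    """Toy HMAC-based generator (constructed for illustration, not a standards DRBG).
    State is (key, counter); each output block is HMAC(key, counter) and the
    counter is advanced. Sharing this state without serialising access is what
    the thread above warns about."""

    def __init__(self, seed: bytes):
        self.key = hashlib.sha256(seed).digest()
        self.counter = 0
        self.lock = threading.Lock()

    def _next_unlocked(self) -> bytes:
        out = hmac.new(self.key, self.counter.to_bytes(8, "big"), "sha256").digest()
        self.counter += 1
        return out

    def next_block(self) -> bytes:
        # Every caller advances the state under the lock, so concurrent users
        # are run serially and collectively behave like one instantiation.
        with self.lock:
            return self._next_unlocked()


def parallel_copies(seed: bytes):
    """Two 'instantiations' started from the same state with no coordination:
    their first blocks are identical (the failure mode)."""
    a, b = SharedPrng(seed), SharedPrng(seed)
    return a.next_block(), b.next_block()


def serialised_users(seed: bytes, n_threads: int = 4, per_thread: int = 8):
    """Several threads drawing from one locked instance; returns all blocks."""
    prng = SharedPrng(seed)
    results = []

    def worker():
        for _ in range(per_thread):
            results.append(prng.next_block())

    threads = [threading.Thread(target=worker) for _ in range(n_threads)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return results


def single_instance_stream(seed: bytes, n: int):
    """Reference: the same number of blocks from one instance used serially."""
    prng = SharedPrng(seed)
    return [prng.next_block() for _ in range(n)]
```

The set of blocks the threads obtain equals the single-instance stream, with no duplicates; the two uncoordinated copies collide on their very first block.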


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com