What if you had a very good entropy source, but only practical at crypto engine installation time?
Thierry Moreau
thierry.moreau at connotech.com
Thu Jul 22 15:44:59 EDT 2010
See http://www.connotech.com/doc_pudec_descr.html .
(OK, it's also practical whenever the server needs servicing by trusted
personnel.)
Then, you care about the deterministic PRNG properties, the secrecy of
its current state, and the prevention of PRNG output replays from an
out-of-date saved state.
And bingo, you solved the random secret generation issue satisfactorily!
Regards,
--
- Thierry Moreau
CONNOTECH Experts-conseils inc.
9130 Place de Montgolfier
Montreal, QC, Canada H2M 2A1
Tel. +1-514-385-5691
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list