
Re: $RANDOM not Cryptographically secure pseudorandom number generator

From: Eduardo Bustamante
Subject: Re: $RANDOM not Cryptographically secure pseudorandom number generator
Date: Sun, 2 Dec 2018 20:16:16 -0800

On Sun, Dec 2, 2018 at 3:14 PM Ole Tange <address@hidden> wrote:
> Git's use of SHA1 seems to be a prime example of what can go wrong:
> https://shattered.io/

What does a PRNG have to do with a hashing function?

> Can you elaborate on why you think it is a bad idea to change an
> insecure PRNG into a non-broken one?

I think you should elaborate on why you think the current one is
"broken", not the other way around; since you're the one claiming
that it is broken, but haven't really said why that is true.

IMO, Bash's PRNG is decent enough for what its intended use is. It's
definitely not meant to be used for cryptography. If I want a strong
random number, I can rely on OpenSSL or the /dev/urandom device.

Also, I don't really see how the code you sent generates a random number:

* How do you seed the initial state?
* How do you convert the 16-element array of 32-bit numbers to an
integer in the 0 - 32767 range?

People already expect $RANDOM to behave in a certain way, so you can't
really change that interface without breaking stuff. Whatever you use
to replace the brand() function should have the same interface.
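An added example, not code from this thread: the alternative Eduardo mentions, a value in $RANDOM's own 0-32767 range drawn from /dev/urandom so it keeps the interface scripts expect. It assumes a POSIX sh with od(1) and a readable /dev/urandom.

```shell
#!/usr/bin/env sh
# Added example (not from the thread): a $RANDOM-shaped value, i.e. an
# integer in 0..32767, taken from the kernel CSPRNG instead of Bash's
# internal brand() generator. Assumes od(1) and /dev/urandom exist.

# Read two bytes from /dev/urandom and keep the low 15 bits.
# 32768 divides 65536 exactly, so the mask leaves every value in
# 0..32767 equally likely. Reducing to a range that does not divide the
# input space (e.g. "% 1000") would introduce modulo bias.
urandom_random() {
    raw=$(od -An -N2 -tu2 /dev/urandom | tr -d ' ')
    echo $(( raw & 32767 ))
}

# Sanity check: every one of N samples must fall inside $RANDOM's range.
# Returns 0 on success, 1 on the first out-of-range value.
check_range() {
    i=0
    while [ "$i" -lt "${1:-100}" ]; do
        n=$(urandom_random)
        [ "$n" -ge 0 ] && [ "$n" -le 32767 ] || return 1
        i=$((i + 1))
    done
    return 0
}

# Usage: r=$(urandom_random)   # drop-in for $RANDOM where strength matters
```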
