Russell: Sources of Randomness for Userspace
Posted Mar 30, 2012 12:46 UTC (Fri) by man_ls
In reply to: Russell: Sources of Randomness for Userspace
Parent article: Russell: Sources of Randomness for Userspace
(Hypothetical answer: people simply are really paranoid about randomness of their random numbers. But is such paranoia justified?)
I would say people are not paranoid enough, given the consequences. A bad random generator can easily go unnoticed and can cause real problems. How can I be sure that PHP's openssl_random_pseudo_bytes
is really random? How can I be sure that my implementation is not removing randomness?
A couple of examples. There was this incident a couple of months back, not to speak about Debian's fiasco with SSH keys.
to post comments)