User: Password:
|
|
Subscribe / Log in / New account

The dangers of weak random numbers

The dangers of weak random numbers

Posted Feb 21, 2008 21:12 UTC (Thu) by liljencrantz (guest, #28458)
In reply to: The dangers of weak random numbers by bronson
Parent article: The dangers of weak random numbers

It's true that the libc developers can't know why you want a random number, it's definitely
also true that one size does not fit all. But the libc implementation is the worst kind of
compromise as it is neither fast nor secure. If you want lots of numbers, you will get a lot
better performance out of e.g. Mersenne twister, and if you want something even remotely
secure, you need to use a special purpose cryptographic algorithm. 

As near as I can tell, the only situation you would ever want to use the libc random number
generator is when you really don't care about either performace or security. Couldn't they at
least have done one of the two?


(Log in to post comments)

The dangers of weak random numbers

Posted Feb 21, 2008 23:06 UTC (Thu) by bronson (subscriber, #4806) [Link]

That's a good point.  I can't think of a single thing the libc implementation excels at.  I
understand why they punted on security, but that's no reason to punt on everything!


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds