A useful test prog
low halo, Defender of Truth and Liberty
lowhalo at hush.com
Wed Jun 9 03:23:41 CEST 2004
-----BEGIN PGP SIGNED MESSAGE-----
> To analyse a RNG you have to scrutinize the code.
I agree with you here, but I believe that black-box testing
the PRNG can give you a separate (and useful) point of view.
The DIEHARD and ENT tests cannot tell you that the PRNG is
good, but they can hint that there is a problem--one that
your eyes perhaps missed during the code review.
Given that (almost) all cryptographic operations depend
upon random numbers, I think that it is worth it to take the
extra step and run the bytes through analyzers. There just
seems too much at risk to neglect this step.
- low halo
low halo <lowhalo at-s1gn hacktivismo d0t c0m>
Defender of Truth and Liberty
9AB1 FF04 016F 89A3 5B4E A585 BDBB 5FBE 3AFB 17F6
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Your Mother)
-----END PGP SIGNATURE-----
Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2
Free, ultra-private instant messaging with Hush Messenger
Promote security and make money with the Hushmail Affiliate Program:
More information about the Gcrypt-devel