A useful test prog
low halo, Defender of Truth and Liberty
lowhalo at hush.com
Wed Jun 9 03:23:41 CEST 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> To analyse a RNG you have to scrutinize the code.
I agree with you here, but I believe that black-box testing
the PRNG can give you a separate (and useful) point of view.
The DIEHARD and ENT tests cannot tell you that the PRNG is
good, but they can hint that there is a problem--one that
your eyes perhaps missed during the code review.
Given that (almost) all cryptographic operations depend
upon random numbers, I think that it is worth it to take the
extra step and run the bytes through analyzers. There just
seems too much at risk to neglect this step.
- low halo
- --
low halo <lowhalo at-s1gn hacktivismo d0t c0m>
Defender of Truth and Liberty
http://ultramagnetic.sourceforge.net/
http://www.hacktivismo.com/
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x3AFB17F6
9AB1 FF04 016F 89A3 5B4E A585 BDBB 5FBE 3AFB 17F6
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Your Mother)
iD8DBQFAxmYdvbtfvjr7F/YRAqsSAJ0WqGlCXyw5D5onGruRfsXH1ElM/wCfdgtJ
WI6ZRI19ngAO1dkzzBigwrk=
=WoEk
-----END PGP SIGNATURE-----
Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2
Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434
Promote security and make money with the Hushmail Affiliate Program:
https://www.hushmail.com/about.php?subloc=affiliate&l=427
More information about the Gcrypt-devel
mailing list