Re: [Cryptography] Finding Nemo's random seed
- From: Ray Dillinger <bear AT sonic.net>
- Subject: Re: [Cryptography] Finding Nemo's random seed
- Date: Wed, 6 Sep 2017 16:34:58 -0700
- List-archive: <http://www.metzdowd.com/pipermail/cryptography/>
- Sender: "cryptography" <cryptography-bounces+ben=bentasker.co.uk AT metzdowd.com>
- To: cryptography AT metzdowd.com
On 09/06/2017 07:10 AM, Henry Baker wrote:
> Two words: functional programming.
> Another two words: no sympathy.

They deserve *some* sympathy. Everybody has learning experiences, and
learning experiences are often painful. But if they have the same
learning experience again, they deserve no sympathy whatsoever.

There's almost always a library call that specifies a pseudo-random
stream - that the same sequence will be generated from the same input.
It is almost never guaranteed stable. They don't specify what
generator, they don't give the parameters, and they don't give test
vectors. In subsequent versions, in different environments, with
different sets of DLLs or shared objects, they can fulfill what the
library documentation promises by giving you a *different* sequence
that's repeatable in *that* environment.

If you need stable repeatable sequences, e.g., for documents that may be
read elsewhere or later or by a different version, or even by the same
version as compiled in a different build configuration, it's just plain
dumb to rely on a library call unless they specifically promise
stability. Otherwise version-stable PRNG sequences are
application-specific, and the PRNG has to be part of the application
The cryptography mailing list
cryptography AT metzdowd.com
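
The requirement described in the message above (named generator, fixed parameters, test vectors, all shipped inside the application) sketched as an added example that is not code from the thread. SplitMix64 is an assumption chosen for illustration and is not a cryptographic generator; `StableRng`, `GENERATOR_ID` and `open_stream` are hypothetical names.

```python
"""Application-owned, version-pinned PRNG. Repeatability only: not for keys or secrets."""

MASK64 = (1 << 64) - 1
GENERATOR_ID = "splitmix64/v1"  # hypothetical tag a document stores next to its seed

# Known-answer vectors: SplitMix64 reference outputs for seed 0.
KAT_SEED0 = (0xE220A8397B1DCDAF, 0x6E789E6AA1B965F4, 0x06C45D188009454F)


class StableRng:
    def __init__(self, seed: int):
        self.state = seed & MASK64

    def next_u64(self) -> int:
        # Every constant and shift is written out here, so no library upgrade can change it.
        self.state = (self.state + 0x9E3779B97F4A7C15) & MASK64
        z = self.state
        z = ((z ^ (z >> 30)) * 0xBF58476D1CE4E5B9) & MASK64
        z = ((z ^ (z >> 27)) * 0x94D049BB133111EB) & MASK64
        return z ^ (z >> 31)

    def below(self, n: int) -> int:
        """Uniform integer in [0, n) by rejection sampling; the method is part of the pinned spec."""
        if not 0 < n <= MASK64:
            raise ValueError("n out of range")
        limit = (1 << 64) - ((1 << 64) % n)
        while True:
            x = self.next_u64()
            if x < limit:
                return x % n

    def shuffle(self, items):
        """Fisher-Yates with a fixed iteration order, so derived values are stable too."""
        out = list(items)
        for i in range(len(out) - 1, 0, -1):
            j = self.below(i + 1)
            out[i], out[j] = out[j], out[i]
        return out


def self_test() -> bool:
    rng = StableRng(0)
    return tuple(rng.next_u64() for _ in KAT_SEED0) == KAT_SEED0


def open_stream(generator_id: str, seed: int) -> StableRng:
    # Refuse to replay a document under a different generator or a broken build.
    if generator_id != GENERATOR_ID:
        raise ValueError(f"document needs {generator_id!r}, this build has {GENERATOR_ID!r}")
    if not self_test():
        raise RuntimeError("PRNG known-answer test failed")
    return StableRng(seed)
```

Derived operations such as `below` and `shuffle` are pinned as well, because a library's shuffle or range-reduction method can change between versions even when its raw generator does not.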