Re: devotee (debian vote engine): predictable RNG allows recovery of secret monikers
Timo Juhani Lindfors wrote:
> True. We need to both fix the RNG and use a longer moniker.
M = H(CRYPT_PRNG())
for example:
use strict;
use warnings;
use Digest::SHA qw(sha1_hex);
# 16 bytes (128 bits) from the kernel CSPRNG; sysread returns undef on error
open(my $ur, '<', '/dev/urandom') or die($!);
my $rbytes;
my $n = sysread($ur, $rbytes, 16);
die "short read from /dev/urandom" unless defined $n && $n == 16;
my $m = sha1_hex($rbytes);   # the voter's secret moniker
And while at it, stop reinventing the wheel and use a proper HMAC if that's
what is wanted:
use Digest::SHA qw(hmac_sha1_hex);
# $v is the ballot text, $m the secret moniker generated above (the HMAC key)
print hmac_sha1_hex($v, $m);
Then you just publish the HMAC in the tally.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
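The scheme sketched in the message above, carried through end to end as an added example (this is not devotee code and not Raphael's Perl; it is a stand-alone Python illustration of the same idea): a moniker is SHA-1 over fresh OS-CSPRNG bytes, each published tally line is HMAC-SHA1 keyed with the voter's secret moniker over the ballot text (same argument roles as `hmac_sha1_hex($v, $m)`), and a voter checks the tally by recomputing their own line. The ballot strings and the 16-byte moniker size follow the post; the function names and the RFC 2202 self-check vector are this example's own.

```python
"""Moniker generation and HMAC tally as sketched in the post (added example, not devotee code)."""
import hashlib
import hmac
import secrets

MONIKER_BYTES = 16  # 128 bits of CSPRNG output, matching the post's sysread(..., 16)


def make_moniker(nbytes: int = MONIKER_BYTES) -> str:
    """M = H(CRYPT_PRNG()): hash fresh OS-CSPRNG bytes, return hex (40 chars for SHA-1)."""
    # secrets.token_bytes reads from the OS CSPRNG, the Python analogue of /dev/urandom.
    return hashlib.sha1(secrets.token_bytes(nbytes)).hexdigest()


def hmac_sha1_hex(key: bytes, msg: bytes) -> str:
    """Plain HMAC-SHA1, the same primitive Digest::SHA's hmac_sha1_hex exposes."""
    return hmac.new(key, msg, hashlib.sha1).hexdigest()


def tally_entry(vote: str, moniker: str) -> str:
    """One tally line: HMAC over the ballot text, keyed with the voter's secret moniker."""
    return hmac_sha1_hex(moniker.encode("ascii"), vote.encode("utf-8"))


def build_tally(ballots) -> list:
    """ballots: iterable of (moniker, vote). Sorting drops any link to submission order."""
    return sorted(tally_entry(vote, moniker) for moniker, vote in ballots)


def voter_verifies(tally, vote: str, moniker: str) -> bool:
    """A voter recomputes their own line from vote + moniker and checks it is published."""
    mine = tally_entry(vote, moniker)
    # Constant-time comparison per entry; tallies of a project vote are small enough for this.
    return any(hmac.compare_digest(mine, entry) for entry in tally)


if __name__ == "__main__":
    # Constructed sample: two voters, each issued a moniker, each casting a ballot.
    alice, bob = make_moniker(), make_moniker()
    tally = build_tally([(alice, "1 2 3"), (bob, "3 2 1")])
    for line in tally:
        print(line)
    print("alice finds her vote:", voter_verifies(tally, "1 2 3", alice))
    print("alice with bob's ballot:", voter_verifies(tally, "3 2 1", alice))
```

Because the moniker is the HMAC key, someone reading the tally learns nothing about who cast which ballot unless they can recover a moniker; that is exactly why the moniker must come from a CSPRNG with enough bits, not from a guessable seed.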