Re: One-line password generator
Hi,
Andy Smith wrote:
> https://www.2uo.de/myths-about-urandom/#experts
So it is about how Daniel Bernstein justifies his claim that it is
wrong to say:
"we can't figure out how to deterministically expand one 256-bit
/dev/random output into an endless stream of unpredictable keys
(this is what we need from urandom),"
and right to conclude:
"For a cryptographer this doesn't even pass the laugh test."
How do cryptographers manage to get this miraculous growth of information
if the only secret is the 256 bit of /dev/random output ?
Why would i need more than 2 exp 256 tries to guess the whole stream ?
(I don't point out that this refers to /dev/random as source of
/dev/urandom, because i assume that this is only rethorical to
illustrate the more general question.
Further i understand that Linux changes the key in the time range
of minutes. This seems to be a much stronger precaution than
just a single key.)
(And again, it's not about IT but about math. In practice 2 exp 256
or 2 exp 384 are enormous numbers.
Nevertheless, being sloppy in math can bite you in practice.)
Have a nice day :)
Thomas
Reply to: