Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > gnu.bash.bug > #14889
| From | Greg Wooledge <wooledg@eeg.ccf.org> |
|---|---|
| Newsgroups | gnu.bash.bug |
| Subject | Re: $RANDOM not Cryptographically secure pseudorandom number generator |
| Date | 2018-12-03 12:35 -0500 |
| Message-ID | <mailman.5093.1543858570.1284.bug-bash@gnu.org> (permalink) |
| References | <CA+4vN7zoPwhL5E82pDb=20yk4Dxdj=iRJiY2mmsbAtN1yqSeZw@mail.gmail.com> <868cc2da-cf67-298f-4640-ab1afcf857e0@case.edu> <CA+4vN7wkuCya7FES1HXiyFTF3a=pkVSdhVCthmjR29OwCAKZng@mail.gmail.com> <fa0b238c-9cb5-a840-ec6b-15cfd11d15cd@case.edu> <CA+4vN7zP26E6o13ysfppv8zjMWDV5BgQNQ1i6GP-3pg_ewVVeA@mail.gmail.com> |
On Mon, Dec 03, 2018 at 05:31:18PM +0100, Ole Tange wrote: > Luckily I did not just assume that Bash delivers high quality random > numbers, but I read the source code, and then found that the quality > was low. I do not think must users would do that. You're correct. Most users would not have to read the source code to know that the built-in PRNG in bash (or in libc, or in basically ANY other standard thing) is of lower than cryptographic quality. Most users already KNOW this.
Back to gnu.bash.bug | Previous | Next | Find similar | Unroll thread
Re: $RANDOM not Cryptographically secure pseudorandom number generator Greg Wooledge <wooledg@eeg.ccf.org> - 2018-12-03 12:35 -0500
csiph-web