[WEB SECURITY] a new 'Secret Key' Cryptographic Algorithm ~ any analysis/suggestions/weakness will be helpful ~ Variation of One-Time Pad

Claudio Telmon claudio at telmon.org
Tue Apr 26 16:36:25 EDT 2011


>> */dev/urandom (or /dev/random if you feel paranoid) could provide better
>> entropy*
>>
> if I'll be paranoid (actually in designing security patterns that's the only
> way)... even /dev/random ain't secure for me

The problem is, /dev/random will only provide the entropy bits available
in the system, and then stop until more bits are available. You can't
use it as source unless you either have human interaction or can wait an
unlimited amount of time. That's why /dev/urandom exists.

Regards,

- Claudio

-- 

Claudio Telmon
claudio at telmon.org
http://www.telmon.org





More information about the websecurity mailing list