17 Dec 2003, 11:17 p.m.
In article <9509201034.AA10521@prakinf.tu-ilmenau.de> you write:
Is it a good idea to use differently (unrelated!) seeded PRNGs for the challenge data (which can be seen by sniffing) and the master key (which should never leave the client's memory)?
No. If the master key PRNG is poorly seeded, this is still exploitable: for instance, there is a lot of redundancy in most plaintext, and this can be used to check each candidate key value. Just use a cryptographically secure PRNG seeded with enough entropy.
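To make the reply's point concrete, here is an added toy example (not code from the original thread): the master key comes from a PRNG seeded with only 16 bits, so the whole key space can be enumerated and each candidate checked against the redundancy of ordinary ASCII plaintext. The challenge PRNG is never needed, which is why seeding it separately buys nothing; the toy LCG, the XOR cipher and the seed value are all constructed for illustration, and the fix is the OS-backed CSPRNG the reply recommends.

```python
import secrets

SEED_BITS = 16   # constructed toy: the key PRNG is seeded from only 16 bits of "entropy"
KEY_LEN = 16

def toy_prng_bytes(seed: int, n: int) -> bytes:
    """32-bit LCG (Numerical Recipes constants); stands in for any PRNG whose
    entire output stream is fixed once the seed is known."""
    state = seed & 0xFFFFFFFF
    out = bytearray()
    for _ in range(n):
        state = (1664525 * state + 1013904223) & 0xFFFFFFFF
        out.append(state >> 24)
    return bytes(out)

def weak_master_key(seed: int) -> bytes:
    return toy_prng_bytes(seed, KEY_LEN)

def strong_master_key() -> bytes:
    # The fix: a cryptographically secure generator seeded by the OS with full entropy.
    return secrets.token_bytes(KEY_LEN)

def xor_cipher(key: bytes, data: bytes) -> bytes:
    # Repeating-key XOR, a stand-in for the real cipher; the key recovery below
    # only relies on being able to decrypt with a candidate key.
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))

def looks_like_text(candidate: bytes) -> bool:
    # Plaintext redundancy used as the oracle: ASCII text never has the high bit set
    # and stays within the printable range (plus newline).
    return all(0x20 <= b <= 0x7E or b == 0x0A for b in candidate)

def recover_seed(ciphertext: bytes, is_plausible=looks_like_text):
    """Walk every possible seed of the key PRNG and return the one whose derived key
    turns the ciphertext into plausible plaintext; the work is bounded by the seed
    entropy (2**SEED_BITS), not by the 128-bit key length."""
    for seed in range(1 << SEED_BITS):
        if is_plausible(xor_cipher(weak_master_key(seed), ciphertext)):
            return seed
    return None

def demo():
    secret_seed = 0x1A2B   # constructed; any value in range is found the same way
    plaintext = b"login ok; session token follows\n"   # 32 bytes of ordinary ASCII
    ct = xor_cipher(weak_master_key(secret_seed), plaintext)
    found = recover_seed(ct)
    return found, found == secret_seed
```

With `strong_master_key()` the same search would have to cover 2**128 candidates, which is the whole difference between a well-seeded CSPRNG and two separately but weakly seeded ones.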