NYT on Netscape Crack
David_A Wagner
daw at CS.Berkeley.EDU
Wed Sep 20 17:18:06 PDT 1995
In article <9509201034.AA10521 at prakinf.tu-ilmenau.de> you write:
> Is it a good idea to use different (unrelated!) seeded PRNG's for the
> challenge data (which can be seen by sniffing) and the masterkey (which
> should never leave out of client's memory?
No.
If the master key PRNG is poorly seeded, this is still exploitable:
for instance, there is a lot of redundancy in most plaintext, and
this can be used to check each candidate key value.
Just use a cryptographically secure PRNG seeded with enough entropy.
More information about the Testlist
mailing list