[erlang-questions] Multi-precision math, random number generator entropy, various other questions
Robert Virding
rvirding@REDACTED
Mon Jun 1 02:29:33 CEST 2009
Hi Greg,
2009/5/31 Greg Perry <Greg.Perry@REDACTED>
> I am not a crypto expert, but it seems to me that just choosing a strong
> random seed value is insufficient -- the heart of the problem is that the
> RNG algorithm is simply not designed to generate cryptographically strong
> random numbers. If you want strong random number generation use the crypto
> module -- it pulls from /dev/urandom and various other entropy sources via
> OpenSSL.
I can most definitely say that the RNG algorithm in the module random does
not generate cryptographically sound random numbers. It is a perfectly
reasonable RNG for simulations and things like that but not for serious
cryptography. Unfortunately the documentation does not mention this.
Robert
More information about the erlang-questions
mailing list