Wednesday, February 19, 2014

[fbblbvvt] Using an insecure RNG securely

How insecure a stream cipher would the glibc random number generator make? By default it is an additive lagged Fibonacci generator (the TYPE_3 generator, built on the trinomial x^31 + x^3 + 1: each new state word is the sum mod 2^32 of the words 3 and 31 places back, and random() returns that word shifted right by one). Suppose, say, a million output words are discarded, then 8 bits are sampled, then repeat. It will of course be very slow.

It has the advantage of being built into the C library on any POSIX system, so there is no need to link to an external crypto library. There remains the problem that one cannot easily set the initial state with a key larger than 32 bits: srandom() takes an unsigned int (referring to bug libc/3662). Whatever the discard count, the key space is therefore the 2^32 possible seeds, and an attacker with a few bytes of known plaintext can enumerate them; discarding a million words per byte multiplies the attacker's cost per guess by exactly the factor it multiplies the sender's.
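The construction above, as an added example (not code from the post): a keystream that seeds glibc's random() with the key, throws away a configurable number of outputs before each byte, and XORs the result over a buffer. It also includes the known-plaintext key search a practitioner would run to check the 32-bit seed problem. The helper names, the discard parameter and the sample message are this example's own assumptions; the post fixes neither.

```c
#define _XOPEN_SOURCE 600   /* declare random()/srandom() even under strict -std= flags */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*
 * Added example, not code from the post: the "discard N words, keep 8 bits"
 * keystream built on glibc random()/srandom(). DISCARD is a parameter here
 * (the post suggests a million) so that the demo runs in well under a second.
 */

static unsigned long g_discard;   /* random() outputs thrown away per keystream byte */

/* Seed with the key. srandom() takes an unsigned int, so the key is at most
 * 32 bits; in glibc, srandom(0) is treated as srandom(1), so even two of those
 * keys collide. */
static void keystream_init(uint32_t key, unsigned long discard)
{
    g_discard = discard;
    srandom(key);
}

/* Skip g_discard outputs, then keep the low 8 bits of the next one
 * (random() returns 31 bits, so this is bits 1..8 of the state word). */
static uint8_t keystream_byte(void)
{
    for (unsigned long i = 0; i < g_discard; i++)
        (void)random();
    return (uint8_t)(random() & 0xffu);
}

/* XOR buf with the keystream in place; the same call decrypts. */
static void keystream_xor(uint32_t key, unsigned long discard, uint8_t *buf, size_t len)
{
    keystream_init(key, discard);
    for (size_t i = 0; i < len; i++)
        buf[i] ^= keystream_byte();
}

/* Known-plaintext key search: the attacker needs n bytes of plaintext and
 * ciphertext plus the discard count. Each guess costs the attacker exactly
 * what encrypting those n bytes cost the sender, so a large discard count
 * slows the search linearly and adds no key entropy. Returns the first key
 * in [0, max_key) that reproduces the ciphertext, or UINT32_MAX if none. */
static uint32_t recover_key(const uint8_t *pt, const uint8_t *ct, size_t n,
                            uint32_t max_key, unsigned long discard)
{
    for (uint32_t key = 0; key < max_key; key++) {
        keystream_init(key, discard);
        size_t i;
        for (i = 0; i < n; i++)
            if ((pt[i] ^ keystream_byte()) != ct[i])
                break;
        if (i == n)
            return key;
    }
    return UINT32_MAX;
}

/* Demo on a constructed message with a 16-bit key and a small discard count:
 * encrypt, decrypt, then recover the key from 8 known bytes. Returns 1 on
 * success, 0 on any mismatch. */
static int self_test(void)
{
    static const uint8_t msg[] = "attack at dawn";   /* constructed sample input */
    uint8_t buf[sizeof msg], copy[sizeof msg];
    const uint32_t key = 0xBEEFu;
    const unsigned long discard = 3;

    memcpy(buf, msg, sizeof msg);
    keystream_xor(key, discard, buf, sizeof msg);          /* encrypt */
    memcpy(copy, buf, sizeof msg);
    keystream_xor(key, discard, copy, sizeof msg);         /* decrypt */
    if (memcmp(copy, msg, sizeof msg) != 0) return 0;

    /* 8 known bytes are ample to single out the key in a 2^16 search. */
    if (recover_key(msg, buf, 8, 0x10000u, discard) != key) return 0;
    return 1;
}

int main(void)
{
    printf("%s\n", self_test() ? "self-test passed" : "self-test FAILED");
    return 0;
}
```

Scaling the search to the full 2^32 seed space with a discard count of a million is the same loop with larger bounds; nothing about the discard step changes what the attacker has to guess.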

Previous musing on attacking system random number generators.
