On Fri, Feb 17, 2012 at 8:25 AM, Joerg Arndt <arndt@jjj.de> wrote:
> * Marc LeBrun <mlb@well.com> [Feb 17. 2012 16:55]:
>> ="Eugene Salamin" <gene_salamin@yahoo.com>
>>> all this pseudorandom number garbage will become obsolete.
>>
>> Perhaps not entirely; there could remain some utility in being able to, say, rerun simulations exactly.
>
> Reproducibility is very often an absolute must (e.g. for physical simulations whose results get published).
>
> I do not think an on-chip random number generator is needed for cryptographic purposes; we just need a decent entropy source (crank up the input gain on the sound card and cycle-and-XOR 1024-bit chunks over 60 sec; this should be good enough, I speculate. Also some not-too-silly circuitry for <= 1 Dollar should do the job very well).

Boxen running in a data center with only a solid-state hard drive (perfectly predictable seek times) and a network card where traffic is carefully distributed and very predictable have real troubles getting enough randomness.

> Btw. /dev/random and /dev/urandom (under Linux) should do the trick already.

In situations like the one above, the server would either block on /dev/random or be vulnerable because all the entropy has been depleted.

-- 
Mike Stay - metaweta@gmail.com
http://www.cs.auckland.ac.nz/~mike
http://reperiendi.wordpress.com
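The failure mode Mike describes (a reader of /dev/random stalling on a low-entropy host) can be checked from the host itself. The following health probe is an added example, not code from any poster on this thread; it assumes a Linux kernel exposing /proc/sys/kernel/random/entropy_avail and poolsize, and the 25% "low" threshold is a constructed monitoring value, not a kernel constant.

```python
"""Probe a Linux host for the blocking-vs-depleted /dev/random failure mode."""
import os

# Kernel pool statistics (assumed present on Linux; absent elsewhere).
ENTROPY_AVAIL = "/proc/sys/kernel/random/entropy_avail"
POOLSIZE = "/proc/sys/kernel/random/poolsize"


def read_int(path):
    """Return the integer in a /proc file, or None when it cannot be read."""
    try:
        with open(path) as f:
            return int(f.read().strip())
    except (OSError, ValueError):
        return None


def classify_entropy(avail, poolsize, low_fraction=0.25):
    """Classify the kernel pool: 'unknown', 'low' (readers may stall), or 'ok'.
    low_fraction is a constructed alerting threshold for this example."""
    if avail is None or poolsize is None or poolsize <= 0:
        return "unknown"
    return "low" if avail < low_fraction * poolsize else "ok"


def probe_device(path, nbytes=32):
    """Non-blocking read from a random device.
    Returns 'ok', 'would_block' (EAGAIN: a normal reader would stall here,
    the situation described in the thread), or 'absent' (device not present)."""
    try:
        fd = os.open(path, os.O_RDONLY | os.O_NONBLOCK)
    except OSError:
        return "absent"
    try:
        return "ok" if os.read(fd, nbytes) else "would_block"
    except BlockingIOError:
        return "would_block"
    finally:
        os.close(fd)


def report():
    """Collect one snapshot suitable for a monitoring check."""
    avail, pool = read_int(ENTROPY_AVAIL), read_int(POOLSIZE)
    return {
        "entropy_avail": avail,
        "poolsize": pool,
        "pool_state": classify_entropy(avail, pool),
        "dev_random": probe_device("/dev/random"),
        "dev_urandom": probe_device("/dev/urandom"),
    }


if __name__ == "__main__":
    for key, value in report().items():
        print(f"{key}: {value}")
```

On kernels from 5.6 onward /dev/random no longer blocks once the pool is initialised, so 'would_block' is expected only on older kernels or during early boot.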