On 4 September 2014 08:46, Aaron Toponce <[email protected]> wrote:
> There are a couple things that you can do for older browsers that don't
> support crypto.getRandomValues():
>
> 1. You can build your own CSPRNG using either Blum Blum Shub or Blum
> Micali. In both cases, the CSPRNG is slow, and you'll need to rely on a
> bigint.js library for the primes, but if all you need is a few KB of
> random data, this will suffice. I've built BBS in Javascript, adhering
> to all the rules, and it performs "good enough", and the security lies
> in the hard factoring problem.
> 2. You can check out isaac.js at https://github.com/rubycon/isaac.js. ISAAC
> is a CSPRNG written by Robert Jenkins in 1996, and based on RC4. It is
> fast and secure.
Turtles.

The second one of these appears to seed itself, if you do not, using
Math.random():
https://github.com/rubycon/isaac.js/blob/master/isaac.js#L103

In the first, how do you seed it?

In both cases, if I can enumerate all possible seeds in 2^40 and iterate
your CSPRNG, I can recreate your random stream. You need to seed these
algorithms with a seed that is from a secure random number generator.

-tom
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
