Le 26/04/2012 19:02, Raphael Geissert a écrit : > Timo Juhani Lindfors wrote: >> True. We need to both fix the RNG and use a longer moniker. > > M = H(CRYPT_PRNG()) > > for example: > > use Digest::SHA qw(sha1_hex); > > open(UR, '<', '/dev/urandom') or die($!); > > my $rbytes; > die if (sysread(UR, $rbytes, 16) < 16); > > my $m = sha1_hex($rbytes);
While we're at it, what about giving the possibility to the voter to contribute to the entropy of the moniker? Say, add a field to the ballot and suggest the voter to put e.g. the output of pwgen there? This would be in addition to the above code. Cheers, -- Stéphane -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4f9a2a94.5050...@debian.org
