On Thursday, November 03, 2011 11:42 AM, "Stefan Sperling" <s...@elego.de> wrote:
> On Thu, Nov 03, 2011 at 12:01:58PM +0200, Daniel Shahaf wrote:
> > Something tells me that when a cryptographic protocol calls for random
> > numbers then a quasiconstant or known value wouldn't do instead.
>
> Put more bluntly, if protocol designers bothered with putting a random
> number into their protocol, implementors must assume that designers had
> a good reason for the number to be *random*. Using the current time instead
> of a random number is breaking the protocol implementation.
>
> I mean, seriously, it's not like Debian didn't have a track record
> of breaking security with custom patches. Remember the ssh keys debacle?
> I am amazed to learn such a patch exists in Debian's Subversion packages.
> I think this patch should be pulled from Debian's Subversion packages
> immediately.
>
Yes, in general if you don't know why a random number was used you'd better not make it any less random. But please don't rush to conclusions without studying the concrete protocol.
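The following example is added here to illustrate the point made in the thread; it is not code from Subversion, from Debian's patch, or from either poster. It contrasts a clock-derived challenge (the kind of substitution the thread objects to) with one drawn from the operating system's CSPRNG, and adds two checks a reviewer can run over a batch of challenges a server has issued: how many are distinct, and whether a given challenge could have been produced from the clock at a known time. The 16-byte length, the big-endian encoding of the timestamp, and the five-second audit window are assumptions chosen for the example, not values from the page.

```python
import secrets
import time

NONCE_LEN = 16  # assumed challenge length for this example


def time_nonce(now=None) -> bytes:
    """Clock-derived 'nonce': the current second, zero-padded to NONCE_LEN.

    This models the substitution discussed in the thread. Every caller
    within the same second receives the identical value, and anyone who
    knows roughly when the challenge was issued can reconstruct it.
    """
    if now is None:
        now = int(time.time())
    return int(now).to_bytes(8, "big").rjust(NONCE_LEN, b"\0")


def random_nonce() -> bytes:
    """Nonce from the OS CSPRNG, which is what a protocol asking for a
    random value expects."""
    return secrets.token_bytes(NONCE_LEN)


def distinct_count(nonces) -> int:
    """Audit helper: number of distinct values among issued challenges.

    A server issuing challenges should never hand out repeats; a count
    well below len(nonces) is a sign the source is not random.
    """
    return len(set(nonces))


def nonce_guessable_from_clock(nonce: bytes, issued_at: int, window: int = 5) -> bool:
    """Audit helper: could this challenge have come from the clock?

    Recomputes the clock-derived value for every second within +/- window
    of the (known) issue time and reports whether any matches. A random
    challenge will essentially never match; a time-based one always will.
    """
    return any(time_nonce(issued_at + delta) == nonce
               for delta in range(-window, window + 1))


if __name__ == "__main__":
    # Constructed sample: eight challenges issued within the same second.
    fixed_second = 1_700_000_000
    clock_batch = [time_nonce(fixed_second) for _ in range(8)]
    random_batch = [random_nonce() for _ in range(8)]

    print("distinct clock-derived challenges:", distinct_count(clock_batch))   # 1
    print("distinct CSPRNG challenges:       ", distinct_count(random_batch))  # 8
    print("clock challenge reproducible:",
          nonce_guessable_from_clock(clock_batch[0], fixed_second + 3))       # True
    print("random challenge reproducible:",
          nonce_guessable_from_clock(random_batch[0], fixed_second + 3))      # False
```

The two audit helpers are the practical takeaway: a batch of challenges from a correct implementation has no repeats and cannot be regenerated from a timestamp, so both checks can be run against captured traffic from a server under review without knowing anything about its internals.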