Am Di, 8.05.2007, 21:48, schrieb Kyle Hamilton: >> Randomness is randomness. However, the important thing is that the >> randomness is not known, and the randomness cannot be retrieved. >> >> If you're worried about passing the tests on a subset of the data, >> take the subset that you're thinking of and run the tests on it. If it's >> truly random, it will pass no matter what subset you take.
Yes, I will run the tests as soon as I have programmed an useful and secure way to chunk and dispatch the random data. >> I don't know what the characteristics of the encrypted stream would >> be (to an eavesdropper) if the encrypted stream is completely random. >> Theoretically it shouldn't make a difference, but I haven't >> heard of any research on the topic. (Most research attempts to apply a >> cryptographically-generated sequence of apparently-random bytes to an >> information stream, thus making the stream appear random. It / should/ >> just appear like any other encrypted information stream.) >> >> -Kyle H I see. So I am quite shure I will not introduce a security flaw by chunking the data stream and transmitting it over the network with ssh2. Many thanks for your thoughts ! PS: If someone has thoughts on this as well, please let me know. Sincerely, Robert ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
