Loophole in Windows RNG

2007-11-13 Thread Jeffrey Altman
This paper justifies the decision not to rely on the Windows Random Number Generator. http://eprint.iacr.org/2007/419.pdf Quoting: We analyzed the security of the algorithm and found a non-trivial attack: given the internal state of the generator, the previous state can be computed in O(2^23)
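As an added illustration (not part of this thread, not from the cited paper, and not the Windows algorithm itself): the quoted finding is about backward security, that is, a compromised internal state letting an attacker compute earlier states and hence the outputs that were already handed out. The toy generator below uses an invertible state update, so walking backwards from a captured state is exact and costs one multiplication per step; the second generator replaces the update with a one-way hash ratchet, so a captured state still predicts future outputs but offers no cheap path to earlier ones. All constants, seeds and function names are constructed for this example.

```python
import hashlib

# ---- Toy generator 1: invertible state update (constructed LCG constants) ----
M = 2 ** 32
A = 1664525        # odd, so it has a multiplicative inverse mod 2^32
C = 1013904223


def lcg_next(state: int) -> int:
    """Advance the toy state: a bijection on Z/2^32, hence invertible."""
    return (A * state + C) % M


def lcg_output(state: int) -> int:
    """Output derived from a state (upper 16 bits)."""
    return state >> 16


def lcg_prev(state: int) -> int:
    """Undo one step: (state - C) * A^-1 mod 2^32. Exact and O(1)."""
    return ((state - C) * pow(A, -1, M)) % M


def run_lcg(seed: int, n: int):
    """Generate n outputs; return (outputs, final internal state)."""
    state, outs = seed, []
    for _ in range(n):
        state = lcg_next(state)
        outs.append(lcg_output(state))
    return outs, state


def recover_previous_outputs(captured_state: int, k: int):
    """Given a captured state, rebuild the outputs of the k states that
    preceded it (oldest first). This is the backward-security failure."""
    outs, state = [], captured_state
    for _ in range(k):
        state = lcg_prev(state)
        outs.append(lcg_output(state))
    return list(reversed(outs))


# ---- Toy generator 2: one-way hash ratchet (constructed domain labels) ----
def ratchet_next(state: bytes) -> bytes:
    """Advance by hashing; recovering the old state is a preimage problem."""
    return hashlib.sha256(b"next|" + state).digest()


def ratchet_output(state: bytes) -> bytes:
    """Output is a separate hash so outputs do not leak the state."""
    return hashlib.sha256(b"out|" + state).digest()[:2]


def run_ratchet(seed: bytes, n: int):
    """Generate n outputs; return (outputs, final internal state)."""
    state, outs = seed, []
    for _ in range(n):
        state = ratchet_next(state)
        outs.append(ratchet_output(state))
    return outs, state


def ratchet_future_outputs(captured_state: bytes, k: int):
    """Forward prediction still works after compromise (for both designs);
    the ratchet only closes the backward direction."""
    outs, state = [], captured_state
    for _ in range(k):
        state = ratchet_next(state)
        outs.append(ratchet_output(state))
    return outs


if __name__ == "__main__":
    outs, st = run_lcg(12345, 10)
    print("real outputs  :", outs[4:9])
    print("recovered back:", recover_previous_outputs(st, 5))
    r_outs, r_st = run_ratchet(b"seed", 5)
    print("ratchet future:", ratchet_future_outputs(r_st, 3))
```

The point of the two functions side by side: a generator whose state update is a permutation hands an attacker the entire backward history for free, whereas a hash ratchet confines the damage of a state compromise to outputs produced after the compromise (until the state is reseeded).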

Re: Loophole in Windows RNG

2007-11-13 Thread Rodney Thayer
yeah, I keep hearing about this. Some questions come to mind... wasn't one of these MS RNGs tested via FIPS at some point? what's the logic in concluding Win2k and WinXP and Vista have different RNGs? is this really the end of the world? I mean, is there some specific attack? is

Re: Loophole in Windows RNG

2007-11-13 Thread Joshua Hill
On Tue, Nov 13, 2007 at 03:37:42PM -0800, Rodney Thayer wrote: wasn't one of these MS RNGs tested via FIPS at some point? This seems likely. FIPS 140-2 cert #103 seems like the relevant cert http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2000.htm#103 Further, the pseudocode