On 5/29/2013 8:54 AM, Udon Shaun wrote:
I have decided to hash the sqlite random with the normal rand() then
use that as the seed for the FORTUNA algo to mitigate this scenario. That should then ensure that the seed is always different.even if
  the OS specific random function isn't that random (or indeed 0).

rand() needs to be seeded, too. If one can predict the seed for SQLite RNG and for rand(), then one can also predict the seed for FORTUNA. More generally, it doesn't matter how long and complicated a chain of generators you string together - you cannot make entropy where there was none before.
--
Igor Tandetnik

_______________________________________________
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users

Reply via email to