On 5/29/2013 8:54 AM, Udon Shaun wrote:
I have decided to hash the sqlite random with the normal rand() then
use that as the seed for the FORTUNA algo to mitigate this scenario.
That should then ensure that the seed is always different.even if
the OS specific random function isn't that random (or indeed 0).
rand() needs to be seeded, too. If one can predict the seed for SQLite
RNG and for rand(), then one can also predict the seed for FORTUNA. More
generally, it doesn't matter how long and complicated a chain of
generators you string together - you cannot make entropy where there was
none before.
--
Igor Tandetnik
_______________________________________________
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users