Costin Manolache <[EMAIL PROTECTED]> writes:

> Eric Rescorla wrote:
> 
> > Jim Jagielski <[EMAIL PROTECTED]> writes:
> > 
> >> Eric Rescorla wrote:
> >> > 
> >> > Glenn Olander <[EMAIL PROTECTED]> writes:
> >> > > 5) The strength of the PRNG is largely irrelevant
> >> > > 
> >> > > As a user, I wouldn't trust any solution which lacks a check for
> >> > > duplicate session id's, regardless of the strength of the PRNG.
> >> > This doesn't seem to me to be a plausible position in view
> >> > of the fact that all of our security mechanisms absolutely
> >> > depend on statistical uniqueness of randomly generated large
> >> > numbers.
> >> > 
> >> 
> >> These are 2 different points I think. If you randomly generate numbers
> >> between 1 and 1,000,000 you will, after a point in time, have
> >> duplicate numbers.
> > Yes, but if you randomly generate numbers between 1 and 2^128, you'll
> > have to generate roughly 2^64 random numbers to have a good chance of
> > getting a duplicate. Sure, over time you'll get a duplicate,
> > but in this context over time needs to be measured over a
> > time scale far in excess of the time scale that is interesting.
> 
> Adding the startup time doesn't hurt. 
> Or enough bits of the startup time to guarantee a duplicate won't
> happen in our life. 
No, it doesn't hurt. I just don't think it adds much value. Why not
use a simple counter, though?

-Ekr


-- 
[Eric Rescorla                                   [EMAIL PROTECTED]]
                http://www.rtfm.com/
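
The birthday-bound arithmetic from this exchange, together with the startup-time and counter ideas raised in the replies, as an added example that is not part of the original thread. The function and class names and the ID layout (startup time, counter, 128 random bits) are assumptions made for illustration.

```python
import math
import secrets
import threading
import time


def collision_probability(n_ids: int, space: int) -> float:
    """Birthday approximation: chance of at least one duplicate among
    n_ids values drawn uniformly from `space` possible values."""
    exponent = -n_ids * (n_ids - 1) / 2.0 / float(space)
    # expm1 keeps precision when the probability is tiny (e.g. 1e-15).
    return -math.expm1(exponent)


class SessionIdGenerator:
    """Hypothetical generator: 128 bits from the OS CSPRNG supply
    unpredictability; the startup time and a per-process counter make IDs
    unique by construction, within a run and across restarts."""

    def __init__(self, startup=None):
        self._startup = int(time.time()) if startup is None else startup
        self._counter = 0
        self._lock = threading.Lock()

    def new_id(self) -> str:
        with self._lock:  # the counter must not repeat under concurrency
            self._counter += 1
            count = self._counter
        # The random part alone is what an attacker has to guess; the
        # prefix is predictable and only rules out duplicates.
        return f"{self._startup:x}.{count:x}.{secrets.token_hex(16)}"


if __name__ == "__main__":
    # 1..1,000,000: about 1178 draws already give an even chance of a repeat.
    print(collision_probability(1178, 10**6))
    # 128-bit space: 2^64 draws are needed for a comparable chance.
    print(collision_probability(2**64, 2**128))
    # A trillion sessions in a 128-bit space: effectively zero.
    print(collision_probability(10**12, 2**128))
    print(SessionIdGenerator().new_id())
```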
