On Tuesday 04 June 2002 10:33 pm, Bill Broadley wrote: > On Tue, Jun 04, 2002 at 09:39:32PM -0700, Micah Cowan wrote: > > This is really picky of course, but the other criteria for "secure use > > of Xor", in addition to having a key at least as long as your data, > > is: > > > > 1. That it be a random sequence - *truly* random. This rules out > > using "passphrases" and the like. *All* passphrases or passwords > > are extremely insecure for Xor, regardless of length. > > Correct, a passphrase would violate the xor sequence longer then the data > rule. Passing PID or time as a seed to random would also be a very > bad idea. Md5 checksums of random noise (transistors, radio reception > of static, radioactive decay etc) is the level of randomness that is > idea.
Hey, now there's an idea... I could use my TV tuner to gather data for the kernel entropy pool when I'm not watching tv with it. Anyone know of something to do that? It'd be cool to play with..... _______________________________________________ vox-tech mailing list [EMAIL PROTECTED] http://lists.lugod.org/mailman/listinfo/vox-tech
