Random Numbers in Perl
Jason
jkenner@mindspring.com
Wed, 08 Nov 2000 08:41:11 -0700
Nathan Saper wrote:
> > The most common portable method of obtaining cryptographically strong
> > random numbers is to generate a seed using the HACK device. (Human At
> > Computer Keyboard :) I believe PGP relies on this method.
> This is probably a stupid question, but: What would be the best way to
> implement this sort of arrangement in Perl?
Ive given this some thought, and have decided that I would need to
know more about the specific nature of your application to answer.
Obviously, the timing of individual keystrokes is not available to a
perl script running on a remote webserver, which only sees a
form-submit as a single clump of data. Basically, with the requirement
for that level of interactivity, totally independant perl coding isnt
possible.
One could generate a seed from a hash of a user-supplied paragraph,
but I am not sure that this would be anywhere near random enough for
the generation of a 1024bit key... Requiring the user to type more
than that would be inconvienent to say the least...
--
jkenner @ mindspring . com__
I Support Linux: _> _ _ |_ _ _ _|
Working Together To <__(_||_)| )| `(_|(_)(_|
To Build A Better Future. | <s>