Random Numbers in Perl

[der.hans]

Am 23. Oct, 2000 schwäzte Kevin Buettner so:

>  - the /dev/random driver appears to be already doing something
>    roughly equivalent to an md5sum.  In fact, random.c contains the
>    core of the MD5 algorithm.  However, it is not being used.
>    In its place, something called a SHA hash is used on the entropy
>    pool to generate random numbers.  If you prefer to use the MD5
>    code, you can comment out the USE_SHA define.  I imagine that
>    there's a good reason for using the SHA hash instead of MD5;

Went to an intrusion detection presentation at AZSAGE last week. The
presentor said that SHA and MD5 are the two formats allowed by the courts,
e.g. if you encrypt with something else they won't allow the evidence. She
said there was a way to break MD5 in a matter of minutes, so SHA appears
to be the way to go.

I don't know enough to say whether or not she was right...

ciao,

der.hans
-- 
#  der.hans@LuftHans.com   home.pages.de/~lufthans/   www.Opnix.com
#  A t-shirt a day keeps the noose (tie) away. - der.hans