[Ach] Random number generators (was Bug/Ba in OpenSSL)

ianG iang at iang.org
Tue Nov 26 15:45:05 CET 2013

On 26/11/13 13:32 PM, Aaron Zauner wrote:

> One should use RNGs as provided by the operating system - since those are audited frequently. The issue with VMs/Embedded Devices and low-entropy hardware still remains.

Almost.  I would change the second sentence to words to effect:

      Watch out for VMs/Embedded Devices, you will need to do more 
research, which is out of scope of this paper and currently an unsolved 

That's it, IMHO.  Done & dusted :)


More information about the Ach mailing list