openssl - Should the same Random Number Generator be used for multiple crypto operations -

-

is recommendable instantiate openssl or crypto++ cryptographically secure random number generator, seed once, , use sequentially in multiple cryptographic operations generating keys, encryption, signing etc.?

will be secure enough handle multiple uses without compromising security?

is considered safe practice use different prngs each operation , seed them differently? there nuances should considered?

stay same cryptographically secure prng. know seems make more sense change, big mistake apply common sense when higher math called for. never "roll own" crypto, or change methods, or make "improvements" no matter how sense seem make. stick proven methods, tested algorithms, , open source code written people reputation.

cryptographically secure prngs different standard prngs used things monte carlo simulation. designed unpredictable when long sequence of values taken. if try "improve" on switching, more screw up.

also, hardware true rngs cryptographically secure nature, best possible option if have use random.org.

the worst possibly change prngs every key. you're not getting random sequence @ all, sequence hash function of seeds, , seeds , seeding function of each prng.


Comments

Post a Comment

Popular posts from this blog

Fail to load namespace Spring Security http://www.springframework.org/security/tags -

-
i have problem namespace of spring security on xhtml page. don't understand why can't load uri, , have following issue: whitelabel error page application has no explicit mapping /error, seeing fallback. tue jul 21 16:58:12 utc 2015 there unexpected error (type=not found, status=404). please need help! possible uri has been changed? best regards you using incorrect namespace url. correct url http://www.springframework.org/schema/security the error page seeing spring source website since not recognize url. try visiting http://www.springsource.org/security/tags in browser update : spring security tags used in jsp page correct tag lib declaration is: <%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %>
Read more

sql - MySQL query optimization using coalesce -

-
can explain me why second query faster first? (first 1 takes around 40 seconds, second 1 less 0.1) select releases.feature_code, releases.platform_id, version, release_date, general_available, uri, filesize, display_name, feature_name.full_name, if ((select exists(select 1 release_exceptions releases.feature_code = release_exceptions.feature_code , releases.platform_id = release_exceptions.platform_id , releases.version = release_exceptions.version) = 1), 1, 0) release_exceptions releases left outer join platform using(platform_id) left outer join feature_name using(feature_code) order version desc; ~~~ query 2 ------------------ ~~~ select feature_code, version, release_date, general_available, platform_id, uri, filesize, display_name, feature_name.full_name, coalesce(release_exceptions, 0) release_exceptions mus.releases left outer join ( select distinct feature_code, version, platform_id, 1 release_exceptions mus.release_exceptions ) release_exceptions using ...
Read more

Maven Javadoc 'Cannot find default setter' and fails -

-
i'm trying generate javadocs maven project, , i'm running error every time. unable parse configuration of mojo org.apache.maven.plugins:maven-javadoc-plugin:2.10.3:javadoc parameter #: cannot find default setter in class org.apache.maven.plugin.javadoc.options.group . command i'm using mvn javadoc:javadoc root directory, pom is. i don't have groups configured @ all, or have special configuration @ all. same error whether omit plugin in pom completely, add reporting, or add build plugin. i've tried adding empty groups well, , while message changes somewhat, still appears. i ran across this question , a. don't have testng dependencies, b. i'm not using command line parameters, , c. never resolved. it selenium project, suppose there similar, can't figure out. ideas? i've included maven debug stack trace below. [error] failed execute goal org.apache.maven.plugins:maven-javadoc-plugin:2.10.3:javadoc (default-cli) on project selenium: un...
Read more