[cryptography] urandom vs random
ssc at seecurity.org
Wed Aug 21 04:37:05 EDT 2013
On 21. Aug 2013, at 09:32 AM, Dominik <dominik at dominikschuermann.de> wrote:
> You can use DieHarder, which is a collection of statistical tests to evaluate if somethings looks random.
Problem is that you have to use the suite in a proper way. Checking
a single "weak Debian SSL key pair" probably would not have
raised the problem. You'd have had to generate many keys (>> 2^16)
with that Debian SSL version to learn that they repeat.
So simply running DieHarder is not enough.
More information about the cryptography