When random isn’t random enough

This is a bit worrying, but I suspect people in the know in computer science have probably had a hunch on this. Turns out that the random number that is factored into crypto is generally taken from the statistical chance of a particular string of bits occuring in a file. While that might appear to be “random enough”, it is possible to match up that line of random bits against files with the same pattern. Once you nail one pattern, then you can follow the dots. Not a good look ….

http://web.mit.edu/newsoffice/2013/encryption-is-less-secure-than-we-thought-0814.html

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s