This is a bit worrying, but I suspect people in the know in computer science have probably had a hunch on this. Turns out that the random number that is factored into crypto is generally taken from the statistical chance of a particular string of bits occuring in a file. While that might appear to be “random enough”, it is possible to match up that line of random bits against files with the same pattern. Once you nail one pattern, then you can follow the dots. Not a good look ….
http://web.mit.edu/newsoffice/2013/encryption-is-less-secure-than-we-thought-0814.html
Related articles
- Warning… Incoming Protection! (Very Unnecessary) (alldiamondblog.wordpress.com)
- Difference between C++ random number generation and Python (stackoverflow.com)
- imabonehead: Google confirms critical Android crypto flaw used in $5,700 Bitcoin heist | Ars Technica (arstechnica.com)
- Vectorialized parallel selection that’s random? (stackoverflow.com)
- Algorithmic Random (ezrasf.com)