Ryan M Harris wrote: >I have a batch of code that is to be used for secure session identifiers >in a network security system, can you tell me if this formula is good >for that type of environment. No, it is not. Your PRNG ("Mersenne twister") is not cryptographically strong. And you never took any care to ensure that the PRNG was seeded, which is a very common failure mode. You can find some information on how to do this right at http://www.cs.berkeley.edu/~daw/rnd/index.html
This archive was generated by hypermail 2b30 : Tue Dec 03 2002 - 12:01:03 PST