That is why IBM recommends using CIPHER's PRN to generate salt values for encrypted text. Given all the possible ways to make something accidently insecure, I'd rather use something that I can trust to be done correctly (or at least be able to call someone up and yell at them if it isn't) than come up with it myself.

Matt

-----Original Message-----
From: web400-bounces@xxxxxxxxxxxx [mailto:web400-bounces@xxxxxxxxxxxx] On Behalf Of Nathan Andelin
Sent: Tuesday, September 09, 2008 5:51 PM
To: Web Enabling the AS400 / iSeries
Subject: Re: [WEB400] Random String Generator

Walden H. Leverich wrote:
I can still easily crack that by running all possible times into
the random number generator until I find your sequence.

Would you have to run all possible times? That would be a big number
(86,400,000,000 microseconds in a 24 hour period).

But the idea reminds me of cracking an encryption algorithm by running
streams of null characters through the encryption routine and looking
for a pattern in the result stream. If the algorithm is strong, you
shouln't be able to see a pattern, even with just one key.

Nathan.

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.