
If you stretch it into a set of numbers with 256 bits or less, you are good. If you expect to generate bigger random numbers from it, you have a problem.

But the pool does not stay with only 256 bits for long (if at all). It's always accumulating more.

Anyway, if the pool ever gets to zero, it means that an attacker with infinite resources who can see the entire sequence generated by the CSPRNG could predict the next numbers it'll generate. In practice, none of those conditions are met.



So you don't trust modern block ciphers and avoid encrypting more than 128 (or 256) bits of data with a single key?

Isn't that extreme key rotation a bit bothersome?

No, stretching your seed of 256 bits into terabytes of pseudorandom numbers is normal and absolutely fine.
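One standard way this stretching is done, as an added worked example that is not code from anyone in this thread: HMAC_DRBG from NIST SP 800-90A, instantiated with SHA-256 and built only on Python's standard library. A 256-bit seed initialises the (K, V) state; every generate() call walks V forward under HMAC and then re-keys, so the output stream can be as long as you like, and the same seed always reproduces the same stream. It also shows that drawing an integer much wider than 256 bits (here 4096 bits, by rejection sampling) is just more output from the same generator. The seed bytes, chunk size and helper names are assumptions made for the illustration; the class is not a substitute for the OS CSPRNG (os.urandom / secrets), which is what a practitioner should call.

```python
import hashlib
import hmac


class HmacDrbg:
    """HMAC_DRBG (NIST SP 800-90A, section 10.1.2) with SHA-256.

    Added example: shows how a 256-bit seed is stretched into an arbitrarily
    long pseudorandom stream. Use os.urandom / secrets in real code.
    """

    OUTLEN = 32                 # SHA-256 digest length in bytes
    RESEED_INTERVAL = 1 << 48   # max generate() calls between reseeds (SP 800-90A)
    MAX_REQUEST = 1 << 16       # max bytes per generate() call (SP 800-90A: 2^19 bits)

    def __init__(self, seed: bytes, personalization: bytes = b""):
        if len(seed) < 32:
            raise ValueError("need at least 256 bits of seed material")
        self._key = b"\x00" * self.OUTLEN
        self._v = b"\x01" * self.OUTLEN
        self._update(seed + personalization)
        self._reseed_counter = 1

    @staticmethod
    def _hmac(key: bytes, data: bytes) -> bytes:
        return hmac.new(key, data, hashlib.sha256).digest()

    def _update(self, provided_data: bytes) -> None:
        # HMAC_DRBG_Update: fold provided_data into (K, V); with no data, just re-key.
        self._key = self._hmac(self._key, self._v + b"\x00" + provided_data)
        self._v = self._hmac(self._key, self._v)
        if not provided_data:
            return
        self._key = self._hmac(self._key, self._v + b"\x01" + provided_data)
        self._v = self._hmac(self._key, self._v)

    def reseed(self, entropy: bytes, additional_input: bytes = b"") -> None:
        """Mix fresh entropy into the state (the 'pool keeps accumulating' step)."""
        self._update(entropy + additional_input)
        self._reseed_counter = 1

    def generate(self, nbytes: int, additional_input: bytes = b"") -> bytes:
        if nbytes > self.MAX_REQUEST:
            raise ValueError("request exceeds max_number_of_bits_per_request")
        if self._reseed_counter > self.RESEED_INTERVAL:
            raise RuntimeError("reseed required")
        if additional_input:
            self._update(additional_input)
        out = bytearray()
        while len(out) < nbytes:
            self._v = self._hmac(self._key, self._v)   # V = HMAC(K, V)
            out += self._v
        self._update(additional_input)                 # re-key after every request
        self._reseed_counter += 1
        return bytes(out[:nbytes])


def stream_from_seed(seed: bytes, total_bytes: int, chunk: int = 4096) -> bytes:
    """Stretch one seed into total_bytes of output with repeated generate() calls."""
    drbg = HmacDrbg(seed)
    out = bytearray()
    while len(out) < total_bytes:
        out += drbg.generate(min(chunk, total_bytes - len(out)))
    return bytes(out)


def random_int_below(drbg: HmacDrbg, bound: int) -> int:
    """Uniform integer in [0, bound) by rejection sampling; bound may exceed 2^256."""
    bits = bound.bit_length()
    nbytes = (bits + 7) // 8
    while True:
        x = int.from_bytes(drbg.generate(nbytes), "big") >> (8 * nbytes - bits)
        if x < bound:
            return x


if __name__ == "__main__":
    seed = bytes(range(32))                  # constructed 256-bit seed, NOT secret
    print(stream_from_seed(seed, 64).hex())  # same seed -> same 64 bytes, every run
    print(random_int_below(HmacDrbg(seed), 1 << 4096).bit_length())
```

The re-key after every generate() call is what makes the construction forward-secure: learning the state now does not reveal earlier output, although, as the comment above notes, an attacker who recovers the full state can predict everything after it until reseed() mixes in material they did not see.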



