top | item 6010835

(no title)

omra | 12 years ago

I agree that an off-by-one error is not a huge deal in most cases, but cryptography is one of those places where you cannot get it wrong. The programmers, or a employee well-versed in cryptography, should have ran a Chi-Squared test immediately on the random data to make sure it was random. (That is the first thing I would try, and I only have a working knowledge of statistics and cryptography.)

Cryptography is unforgiving, and when your code could seriously endanger someone else, you have to be constantly vigilant.

discuss

No comments yet.