by MiceWithYaffle 3229 days ago
> But I'll confess to not really understanding what all the fuss is about insecure generators.

Based on things she's said on her site and in comments on John D. Cook's blog, it's all about algorithmic complexity attacks on randomized algorithms.

In other words, if you're doing quicksort on external input with a random pivot, and someone knows the PRNG state, they can make a pathological input that'll trigger quadratic behavior.

I don't know how likely this is to happen, but I know there were similar attacks on hash tables a few years ago.

1 comment
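The attack sketched in the comment above, as an added example that is not part of the thread: a quicksort that draws its pivot from a PRNG whose state the attacker knows, and an adversary that crafts an input forcing every pivot to be the smallest remaining key. The adversary is McIlroy's "killer adversary" technique (lazy "gas" values that are only pinned down when compared); the quicksort, the `Adversary` class, the `demo` helper and the leaked seed are all constructed for this illustration. The example simply assumes the attacker already has the seed (a hard-coded seed, or a Mersenne Twister state recovered from observed outputs); it does not show state recovery. The defence shown is the one the comment implies: draw pivots from a CSPRNG (`secrets.SystemRandom`) so the attacker cannot replay the pivot sequence.

```python
"""Algorithmic-complexity attack on random-pivot quicksort with a known PRNG state.

Added illustration; not code from the thread. Assumes the attacker knows the
victim's PRNG seed (LEAKED_SEED is a made-up constant).
"""
import random
import secrets


def quicksort(items, rng, cmp):
    """Lomuto quicksort with the pivot index drawn from rng.randrange.

    cmp(a, b) returns <0, 0 or >0. Returns the number of key comparisons,
    which is the cost an attacker wants to drive up.
    """
    count = 0

    def sort(lo, hi):            # sorts items[lo:hi]
        nonlocal count
        while hi - lo > 1:
            p = rng.randrange(lo, hi)
            items[lo], items[p] = items[p], items[lo]
            pivot = items[lo]
            i = lo + 1
            for j in range(lo + 1, hi):
                count += 1
                if cmp(items[j], pivot) < 0:
                    items[i], items[j] = items[j], items[i]
                    i += 1
            items[lo], items[i - 1] = items[i - 1], items[lo]
            # Recurse on the smaller side, loop on the larger: O(log n) stack.
            if (i - 1 - lo) < (hi - i):
                sort(lo, i - 1)
                lo = i
            else:
                sort(i, hi)
                hi = i - 1

    sort(0, len(items))
    return count


class Adversary:
    """McIlroy-style killer adversary.

    Keys start as undecided "gas". A key is frozen to the next smallest
    concrete value the first time the sort needs to order it against
    another gas key, so whichever key the sort picks as pivot ends up
    among the smallest keys of its subarray and the partition is lopsided.
    """

    def __init__(self, n):
        self.n = n
        self.val = [None] * n        # None = gas, int = frozen (solid)
        self.nsolid = 0
        self.candidate = 0

    def _freeze(self, x):
        self.val[x] = self.nsolid
        self.nsolid += 1

    def cmp(self, x, y):
        if self.val[x] is None and self.val[y] is None:
            self._freeze(x if x == self.candidate else y)
        if self.val[x] is None:
            self.candidate = x
        elif self.val[y] is None:
            self.candidate = y
        # Gas compares greater than every solid value.
        vx = self.val[x] if self.val[x] is not None else self.n
        vy = self.val[y] if self.val[y] is not None else self.n
        return vx - vy

    def craft(self, rng):
        """Drive the victim's sort with the victim's own PRNG stream, then emit
        a concrete int array that reproduces exactly the comparisons observed."""
        quicksort(list(range(self.n)), rng, self.cmp)
        out = []
        for v in self.val:
            if v is None:            # never pinned down: any distinct larger value works
                v = self.nsolid
                self.nsolid += 1
            out.append(v)
        return out


LEAKED_SEED = 0xC0FFEE               # assumption: attacker knows the victim's seed


def demo(n=500, leaked_seed=LEAKED_SEED):
    """Returns (comparisons with predictable PRNG, comparisons with CSPRNG)."""
    crafted = Adversary(n).craft(random.Random(leaked_seed))
    weak = quicksort(list(crafted), random.Random(leaked_seed), lambda a, b: a - b)
    strong = quicksort(list(crafted), secrets.SystemRandom(), lambda a, b: a - b)
    return weak, strong


if __name__ == "__main__":
    w, s = demo()
    print(f"n=500: predictable PRNG {w} comparisons, CSPRNG {s} comparisons")
```

With the replayed seed the crafted input costs n(n-1)/2 comparisons, the full quadratic worst case; the same input under `secrets.SystemRandom()` costs the usual ~1.4 n log2 n, because the adversary's construction is only valid for the one pivot sequence it replayed. The caveat a practitioner should keep in mind: in CPython `random.Random()` without an explicit seed is already seeded from OS entropy, so the exposure is a fixed or low-entropy seed, or Mersenne Twister state reconstructed from outputs the attacker can observe.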

And we addressed it with actual cryptography: SipHash. Since cryptographic random number generators are generated with very similar primitives, why wouldn't SipHash be the answer to those problems as well?