by SideQuark 1210 days ago
> True, they are different, but there is no meaningful distinction between a value that is "truly random" and a value that can be computed with a computer larger than the universe.

Sloppy thinking and conflating different ideas are not a good way to think about computer security.

> ChaCha20 will not be broken in our lifetime; probably it will never be broken

As was said of the zillion currently broken cryptosystems, hashes, and all manner of security schemes......

> the cryptographers have won.

Is this why NIST routinely is asking for better crypto systems? Because crypto is solved?

> there are now calls for reducing the strength https://eprint.iacr.org/2019/1492

Yet followup papers often invent new methods of attack https://eprint.iacr.org/2022/695. It's almost as if theoretical advances can change the unproven-yet-assumed strength of previous methods.

> Which type of RNG should be the default (e.g. the one you get if you type 'import rng')

I already demonstrated that answer is PRNG for pretty much all widely used languages, which I agree with. There's simply no CSPRNG possible that ports over the widespread systems these languages are used for, so it's silly to continue to argue that they should default to a CSPRNG. CSPRNGs are not used by default, have never been, there is no trend to move that way I can find, all for the reasons I gave in my very first reply in this thread.