Sunday 23 July 2023

Does the Windows RNG have security problems?

The Windows RNG infrastructure is specified in this article. On page 4, it states that the PRNG called AES_CTR_DRBG is used.

According to Wikipedia, this PRNG has security problems when used with certain parameters.

Specifically:

When AES is used as the underlying block cipher and more than 128 bits are taken from this pseudorandom number generator, then the resulting security level is limited by the block size instead of the key size and therefore the actual security level is much less than the security level implied by the key size.

In my understanding, pseudorandom number generators are often used to produce thousands of random bits before reseeding, and thus many more than 128. Does this mean that the Windows RNG is unsafe?
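A worked bound for the quoted Wikipedia claim, added here as an illustration; it is not part of the question or of the cited texts. It assumes that CTR_DRBG output between two reseeds is a run of $q$ blocks of $b$ bits produced by counter mode under one fixed key (for AES, $b = 128$), and writes $K$ for that key and $V$ for the counter value; the bound is the standard PRP/PRF switching lemma.

```latex
\text{Output between reseeds:}\quad r_i = \mathrm{AES}_K(V + i),\quad i = 1,\dots,q,
\qquad \text{all } r_i \text{ distinct, since } \mathrm{AES}_K \text{ is a permutation.}

\text{A truly random } b\text{-bit source repeats a block among } q \text{ outputs with probability}
\quad \Pr[\text{collision}] \approx \binom{q}{2} 2^{-b} = \frac{q(q-1)}{2^{b+1}}.

\text{PRP/PRF switching lemma: every distinguisher } D \text{ that sees } q \text{ blocks satisfies}
\quad \mathrm{Adv}_D \le \frac{q(q-1)}{2^{b+1}}.

\text{With } b = 128:\quad q = 2 \;\Rightarrow\; \mathrm{Adv} \le 2^{-128} \gg 2^{-256};
\qquad q = 2^{64} \;\Rightarrow\; \mathrm{Adv} \approx \tfrac{1}{2}.
```

So as soon as more than one 128-bit block leaves the generator under the same key, the provable security level against distinguishing the output from random is governed by $2^{128}$ rather than the $2^{256}$ suggested by an AES-256 key; an attacker still needs on the order of $2^{64}$ blocks ($2^{68}$ bytes) from a single seed to reach a noticeable advantage, and this is a distinguishing bound, not a key recovery or prediction of future outputs.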
