Recently I found that Netscape used quite simple algorithm to generate random number for Message Authentication Code to establish an HTTPS connection (Nestscpe used time, process identification number, and parent-process identification number). So now I wonder what source of seed do modern browsers use to guarantee true randomness?
Asked
Active
Viewed 95 times
2
-
4In software, there is no such thing as a "true randomness". – quant_dev Sep 19 '11 at 06:17
-
I see true randomness all the time when I do code review ;) – Terence Johnson Sep 19 '11 at 15:00
1 Answers
2
This question and this question over on security.SE have some answers describing sources and the randomness available.
Rory Alsop
- 326
- 3
- 12