19 May
2006
19 May
'06
3:39 p.m.
Greg Link wrote:
[...] Re-seeding naively can be dangerous, as it's not just entropy you want in a seed - it's things like relative primality, etc. As noted, seeding with a clock isn't nearly as effective as most think. Process ID's tend to be 'low' (not 11+ bits long, at least), as do ThreadID's, and other such things. Not nearly as much entropy as many think.
Well, that's why one would typically combine as many entropy sources as possible using a hash function (MD5, SHA, even boost::hash if 32 bits are enough.) :-) For more demanding uses there's always CryptGenRandom, or RtlGenRandom on XP+. On VC 8.0 there's also rand_s. http://blogs.msdn.com/michael_howard/archive/2005/01/14/353379.aspx