Add randomness requirements to e3x cipherset description
bachp opened this issue · 1 comments
bachp commented
Some steps in the cipherset (like key generation) require good random numbers to be secure.
It would be nice to have a hint in the specs that says where the user has to pay attention to to random numbers to be secure.
This would help people not all to familiar with all the algorithms to use them in a secure fashion.
quartzjer commented
Hmm, my instant reaction is that all random numbers should be good, I can't think of any case in the spec where I'd be comfortable with a weak random number :)
I'll add a note to this point of requiring a good random source overall though to be sure, 👍