telehash/telehash.github.io

Add randomness requirements to e3x cipherset description

bachp opened this issue · 1 comments

Some steps in the cipherset (like key generation) require good random numbers to be secure.
It would be nice to have a hint in the specs that says where the user has to pay attention to to random numbers to be secure.

This would help people not all to familiar with all the algorithms to use them in a secure fashion.

Hmm, my instant reaction is that all random numbers should be good, I can't think of any case in the spec where I'd be comfortable with a weak random number :)

I'll add a note to this point of requiring a good random source overall though to be sure, 👍