tornadocontrib/noble-curves
1
0
Fork 0
forked from tornado-packages/noble-curves
Code Pull Requests Activity

readme note on csprng

Browse Source
This commit is contained in:
Paul Miller 2023-10-20 13:16:37 +00:00
parent eabab627c7
commit 36894729c0
No known key found for this signature in database
GPG Key ID: 697079DA6878B89B
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@ -839,7 +839,10 @@ Use low-level libraries & languages. Nonetheless we're targetting algorithmic co
We're deferring to built-in We're deferring to built-in
[crypto.getRandomValues](https://developer.mozilla.org/en-US/docs/Web/API/Crypto/getRandomValues) [crypto.getRandomValues](https://developer.mozilla.org/en-US/docs/Web/API/Crypto/getRandomValues)
which is considered cryptographically secure (CSPRNG). which is considered cryptographically secure (CSPRNG).
In the past, browsers had bugs that made it weak: it may happen again. In the past, browsers had bugs that made it weak: it may happen again.
Implementing a userspace CSPRNG to get resilient to the weakness
is even worse: there is no reliable userspace source of quality entropy.
## Speed ## Speed