By: webhat

webhat — Fri, 21 Nov 2008 16:43:43 +0000

I must add as a personal note that I still think Chris is wrong. A nonce of 0x00000001 and 0x00000002 are unique and entirely useless, but I am willing to accept it if I made a mistake. As I said to Chris in a private mail:

I still believe what I believe, which is that the nonce should still be unpredictable and, as you correctly stated, unique. Perhaps a hash of time in milliseconds would be an option, naturally one in which the likelihood of collisions is low.

We’ve agreed to disagree about the entropy.

Comments on: Predictable Initialization Vectors #security #cryptography

By: webhat