From: yawnmoth on 17 Feb 2010 20:18 Is there any advantage to calling CryptGenRandom or .NET's RNGCryptoServiceProvider when you can just read HKLM\SOFTWARE\Microsoft \Cryptography\RNG\Seed directly? In my testing, each read is followed by an immediate reseeding of that value, so I don't really see the difference?
From: Jeroen Mostert on 18 Feb 2010 01:55 On 2010-02-18 2:18, yawnmoth wrote: > Is there any advantage to calling CryptGenRandom or .NET's > RNGCryptoServiceProvider when you can just read HKLM\SOFTWARE\Microsoft > \Cryptography\RNG\Seed directly? A very obvious one: the former are documented to work and robust to future changes, the latter is not. Don't be part of the problem by twiddling the registry directly instead of using documented interfaces. Furthermore, I doubt the seed is a cryptographically secure random number on its own -- I don't know, but why risk it? -- J.
|
Pages: 1 Prev: GetWindow on windows 7 donn't returns child window Next: GDT modification |