Re: [tinydtls-dev] Secure Random Number Generator ?

[Olaf Bergmann <bergmann@xxxxxxx>]

Raul Fuentes <ra.fuentess.sam+tinyDTLS@xxxxxxxxx> writes:

>     > Shouldn’t Cookies also be generated by a Crypto-Secure PRNG ?
>     
>     Yes!
>
> AH! 
> So, the current behavior of TinyDTLs when adding the time to the
> flights is intentional ? I'm going to need to rewrite some parts of my
> papers :)

Not being a crypto expert, I am not sure how _good_ a crypto required
for Cookie generation must be. But my gut feeling is that when you use
only one encryption key for all operations, the added salt should use as
much entropy as possible.

Grüße
Olaf