Opened 9 years ago

Last modified 8 years ago

#264 new defect

Drop Ada.Numerics.Discrete_Random from nonce creation.

Reported by: Maxim Reznik Owned by:
Priority: major Milestone:
Component: Matreshka - Web Services Version: 0.0.4
Keywords: Cc:


I belive Ada.Numerics.Discrete_Random is easy predicable and should not be used as source for nonce generation in


located in design/soap/ws-securit/

Change History (2)

comment:1 by Maxim Reznik, 9 years ago

As one of approach - use MD5 of Ada.Numerics.Discrete_Random.

In addition we could provide API to register user's random generator.

comment:2 by vadim.godunko, 8 years ago

Some information about cryptographically secure pseudorandom number generators

there are some references to known standards, we can implement one of them to replace random generator from predefined library.

Note: See TracTickets for help on using tickets.