[FFmpeg-soc] [soc]: r532 - matroska/matroskaenc.c

Kostya kostya.shishkov at gmail.com
Sat Jul 28 20:03:42 CEST 2007


On Sat, Jul 28, 2007 at 07:09:44PM +0200, Michael Niedermayer wrote:
> Hi
> 
> On Sat, Jul 28, 2007 at 05:43:03PM +0300, Kostya wrote:
> > On Sat, Jul 28, 2007 at 02:16:23PM +0200, Michael Niedermayer wrote:
> > > Hi
> > [...]
> > > 
> > > ... as i said getting a good and secure random number is not easy, you 
> > > cannot use anything that could be usefull for an expoit or anything that
> > > could by used to identify time or place where encoding happened,
> > > not the current time, no pointers, ...
> > > you are left with the video/audio you are going to encode, and some stuff
> > > we cant easily use like the least significant bits of the time of some
> > > interrupts
> > 
> > What about this?
> > http://en.wikipedia.org/wiki/UUID
> 
> which version of UUIDs?
> you have 3 choices
> 1/2 contains the MAC address (this is the most stupid idea so far not to
>     mention the issue of how to find the MAC address in a portable way)

That depends on what UUID is used - IIRC this one can be decoded.

> 3/5 are just a md5/sha1 of a string AFAIK which was already suggested
> 4   is just a random number (with which we are back to square 1 just that we
>     now can call it UUID)
> 
> 
> what about this?
> /dev/zero

The best seed is lower bits of timestamp, especially in nanoseconds - it's
very random and you can't restore anything useful from it.
/dev/zero contains a lot of values omitted from other PR sequences so it is random
too.
 
> [...] 
> 
> -- 
> Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB




More information about the FFmpeg-soc mailing list