[FFmpeg-devel] [PATCH] mxf umid generation

Reimar Döffinger Reimar.Doeffinger
Sun Mar 8 09:03:49 CET 2009


On Sat, Mar 07, 2009 at 08:53:03PM -0800, Baptiste Coudurier wrote:
> > if /dev/random is available better if just a timer is available
> > you leak the cpu type & compiler version used.
> 
> Well, I added ff_random_get_seed according to your indication :/

Maybe fixing the leak is better? Change ff_random_get_seed to encrypt
some pseudo-random number using another pseudo-random one as a key (i.e.
a poor man's hash)?
While you can still get the exact values if you can guess most of the
bits of the seed it would not leak them right-out.
You'd need at least 64+56 bits for e.g. DES though, you can reduce it to
64 if you use key==source (not sure if that is any better than fixed
source==0 security-wise I admit).




More information about the ffmpeg-devel mailing list