Follow

Isn't it amazing when you provide seeds to all RNGs and the code is _still_ nondeterministic?

@bfiedler i mean you‘re probably iterating on a map or smth else that isn‘t determinisitic right?

@bae Nah, even better. I've looked at some code testing pgp encryption in Go. There's a config in which you can specify the RNG used for generating padding bytes, and it certainly _looks_ like everything should be deterministic then.

But no: there are two possible outcomes, each occuring roughly half of the time. Why you ask? Because deep down the openpgp code calls this stupid method: golang.org/pkg/crypto/internal

The fix is simple enough, but it was nonetheless an... adventure to debug.

@bae Funnily enough, the description is wrong as well - it certainly does affect any reader which outputs a _fixed_ stream of bytes, it only does not affect those that output _the same_ byte over and over.

@bfiedler uuf. I mean I get the point of forcing people not to depend on determinism and am generally not against it, but the description really isn‘t helpful😔

Sign in to participate in the conversation
Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!