Is Perl Data::UUID a strong symmetric key source?
I'm considering using Data::UUID Perl module to generate a 256 bit symmetric key for use with the HMAC_SHA256 algorithm. Each call should give me a unique string of 128 bits so I'm thinking of doing something like the following:
开发者_开发知识库use Data::UUID;
my $ug = new Data::UUID;
my $uuid1 = $ug->to_hexstring($ug->create());
my $uuid2 = $ug->to_hexstring($ug->create());
my $256_bit_key = $uuid1 . $uuid2;
Is this key cryptographically strong?
No.
Use Crypt::OpenSSL::Random or another crypto-strong random number generator.
To be more precise, you can get some bytes from the CRNG, convert them into an ASCII string, and then use that to do the hash against.
精彩评论