aleksej996
Sr. Member
Offline
Activity: 490
Merit: 389
Do not trust the government
|
|
September 26, 2018, 06:28:25 PM |
|
It isn't a big issue.
This just means that those 432420386565659656852420866394968145598 first numbers are twice more likely to occur in the generator then they would naturally.
If you pick a random number between 0 and 2256, there is 1 in 2120 chance that it will be in the range between 0 and 2136. Due to this suboptimal behaviour, it will be 1 in 2119, so not a big difference when it comes to security.
So as an attacker, you would likely want to start by searching that keyspace first at the beginning, although the key will be there only once in 2119 keys that you try to break, but it is still a bit more likely to be there then any other range of same size in that keyspace, so it is a nice optimization technique if you are braking a lot of keys.
Technically it is a flaw, since using this for an attack is slightly better then brute force, but I assume many brute force implementations would have this optimization by an accident, simply because it makes sense to start at the beginning, perhaps, if the numbers are random.
|