March 16, 2019
10:16 p.m.
Michael Richardson writes:
It seems that these issues exist if there are *any* keys generated before use, independently of the number of keys.
Yes, exactly, which makes me scratch my head every time someone proposes a list of pre-generated keys as the solution to this problem. It seems to me that what such a list gets you is lead time on cracking future keys, or more things that end up useless in the event some aspect of the whole process is found to have been faulty. This in exchange for the busywork of changing the current key more frequently without adding any real additional security in the process.