Feed for tag: prng
Vulnerabilities in Numerous Javascript Cryptographic Libraries

Some concerns were raised on bitcoin-dev regarding potential vulnerabilities with some Javascript based crypto applications, more precisely the use of SecureRandom() function which collects entropy and includes a PRNG (Pseudo Random Number Generator).


The conclusion seems to be that at least all wallets generated by js tools inside browsers since bitcoin exists until 2011 are impacted by the Math.random weakness if applicable to the related implementations, the Math.random or RC4 (Chrome) weakness between 2011 and 2013, and RC4 weakness for Chrome users until end of 2015