Re: Actor model implementation, seeking feedback

[Vasilij Schneidermann]

Hello Ariela,

> 2. You're right! I actually hadn't thought about that! Guess I had a hard time
> not conflating "unique and non-repeatable" with random numbers... would a
> timestamp be a better (but probably still not ideal) approach?

No, timestamps may repeat if taken quickly enough. Another issue is that
in a distributed system you must now guarantee that all participants
have synchronized clocks...

A particularly elegant approach is to generate random bytes once (much
like a secret key is generated once), then increment them for each
consecutive encryption operation (much like the CTR mode works). For
example RFC7523 uses the following nonces in appendix A:

BBAA99887766554433221100
BBAA99887766554433221101
BBAA99887766554433221102
...
BBAA9988776655443322110F

Vasilij

signature.asc
Description: PGP signature