From owner-freebsd-current Sun Feb 2 10:53:54 2003
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 58C6F37B401 for ; Sun, 2 Feb 2003 10:53:53 -0800 (PST)
Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5215E43F3F for ; Sun, 2 Feb 2003 10:53:52 -0800 (PST) (envelope-from ache@pobrecita.freebsd.ru)
Received: from pobrecita.freebsd.ru (ache@localhost [127.0.0.1]) by nagual.pp.ru (8.12.6/8.12.6) with ESMTP id h12Irpd6066684; Sun, 2 Feb 2003 21:53:51 +0300 (MSK) (envelope-from ache@pobrecita.freebsd.ru)
Received: (from ache@localhost) by pobrecita.freebsd.ru (8.12.6/8.12.6/Submit) id h12IroXx066683; Sun, 2 Feb 2003 21:53:50 +0300 (MSK) (envelope-from ache)
Date: Sun, 2 Feb 2003 21:53:50 +0300
From: "Andrey A. Chernov"
To: Mark Murray
Cc: current@FreeBSD.ORG
Subject: Re: rand() is broken
Message-ID: <20030202185350.GB66622@nagual.pp.ru>
References: <20030202182009.GA66318@nagual.pp.ru> <200302021836.h12Ia2aX049696@grimreaper.grondar.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200302021836.h12Ia2aX049696@grimreaper.grondar.org>
User-Agent: Mutt/1.5.1i
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
List-ID:
List-Archive: (Web Archive)
List-Help: (List Instructions)
List-Subscribe:
List-Unsubscribe:
X-Loop: FreeBSD.ORG

On Sun, Feb 02, 2003 at 18:36:02 +0000, Mark Murray wrote:
> I think we need four things.
>
> 1) void srandom(int arg) which uses the argument to seed.
> 2) void srandomdev(void) which uses system entropy to seed.
> 3) int random(void) which returns a number statistically
> random in all bits.
> 4) which returns as many bytes of randomness
> (statistically random in all bits) as the caller asks for.
>
> We have most of this, and RC4 can deliver. RC4's "licence" is
> fine. Call it "ArCFour" and there is no problem. The code is
> small, fast and repeatable, and meets conditions 1-4 above.
>
> Coding is Junior-high-school level, given the spec.

random() does not need to be changed at all; it already uses an algorithm which is resistant to bad initial seeding (PseudoRNG as designed). The RNG in question is rand() only.

--
Andrey A. Chernov
http://ache.pp.ru/
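As an added illustration of the four-function spec Mark quotes above (this is example code written for this page, not code from the thread, from Mark Murray, or from FreeBSD's libc), the block below implements points 1 to 4 over an RC4 ("ArCFour") keystream: a repeatable seed from an argument, a seed from system entropy, a full-width integer whose every bit comes from the keystream, and a fill-a-buffer call. All names carry an `ex_` prefix and are hypothetical; reading 32 bytes from `/dev/urandom` for the entropy seed and discarding the first 1024 keystream bytes after seeding are this example's own choices (the early RC4 keystream is known to correlate with the key, which is why implementations drop it). RC4 itself has known output biases and both OpenBSD and FreeBSD later replaced it with ChaCha20 inside `arc4random`, so treat this as a demonstration of the interface, not a generator to ship today.

```c
/* Example implementation (hypothetical names, not FreeBSD code) of the
 * srandom / srandomdev / random / random-bytes interface over RC4. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

static uint8_t ex_S[256];      /* RC4 permutation state */
static uint8_t ex_i, ex_j;     /* RC4 PRGA indices */

/* RC4 key schedule (KSA): mix the key bytes into the permutation S. */
static void ex_ksa(const uint8_t *key, size_t keylen) {
    for (int k = 0; k < 256; k++) ex_S[k] = (uint8_t)k;
    uint8_t j = 0;
    for (int k = 0; k < 256; k++) {
        j = (uint8_t)(j + ex_S[k] + key[k % keylen]);
        uint8_t t = ex_S[k]; ex_S[k] = ex_S[j]; ex_S[j] = t;
    }
    ex_i = ex_j = 0;
}

/* RC4 PRGA: one keystream byte. */
static uint8_t ex_byte(void) {
    ex_i = (uint8_t)(ex_i + 1);
    ex_j = (uint8_t)(ex_j + ex_S[ex_i]);
    uint8_t t = ex_S[ex_i]; ex_S[ex_i] = ex_S[ex_j]; ex_S[ex_j] = t;
    return ex_S[(uint8_t)(ex_S[ex_i] + ex_S[ex_j])];
}

/* Common seeding path: run the KSA, then discard the first 1024 bytes,
 * since the early RC4 keystream correlates with the key (example choice). */
static void ex_seed_bytes(const uint8_t *key, size_t keylen) {
    ex_ksa(key, keylen);
    for (int k = 0; k < 1024; k++) (void)ex_byte();
}

/* (1) seed from a caller-supplied argument: same arg, same stream.
 * The key is the in-memory bytes of arg, so streams are repeatable on one
 * machine but not necessarily portable across byte orders. */
void ex_srandom(unsigned int arg) {
    uint8_t key[sizeof arg];
    memcpy(key, &arg, sizeof arg);
    ex_seed_bytes(key, sizeof key);
}

/* (2) seed from system entropy: 32 bytes of /dev/urandom (example choice).
 * Returns 0 on success, -1 if the device could not be read. */
int ex_srandomdev(void) {
    uint8_t key[32];
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL) return -1;
    size_t n = fread(key, 1, sizeof key, f);
    fclose(f);
    if (n != sizeof key) return -1;
    ex_seed_bytes(key, sizeof key);
    return 0;
}

/* (4) fill buf with n keystream bytes, as many as the caller asks for. */
void ex_random_buf(void *buf, size_t n) {
    uint8_t *p = buf;
    for (size_t k = 0; k < n; k++) p[k] = ex_byte();
}

/* (3) a 32-bit value whose every bit comes from the keystream, so no
 * bit position is weaker than another and no modulo reduction is applied. */
uint32_t ex_random(void) {
    uint32_t v;
    ex_random_buf(&v, sizeof v);
    return v;
}

int main(void) {
    ex_srandom(1);
    uint32_t a = ex_random();
    ex_srandom(1);
    uint32_t b = ex_random();
    printf("repeatable for equal seeds: %s\n", a == b ? "yes" : "no");
    if (ex_srandomdev() == 0)
        printf("entropy-seeded value: %08x\n", ex_random());
    return 0;
}
```

The repeatability required by point 1 is the property a test can pin down: seeding twice with the same argument must give the same stream, and the raw generator can be checked against the published RC4 vector (key `"Key"` yields keystream `EB 9F 77 81 ...`) before the drop of the first 1024 bytes is applied.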