From: Michael Shalayeff
Message-Id: <200109231002.f8NA2Qhp010383@lucifier.net>
Subject: Re: OpenBSD-2.9 random devices
In-Reply-To: from June Carey at "Sep 22, 2001 06:52:16 pm"
To: June Carey
Date: Sun, 23 Sep 2001 06:02:26 -0400 (EDT)
Cc: bugs@openbsd.org, bugs@freebsd.org
Reply-To: mickey@lucifier.net

Making, drinking tea and reading an opus magnum from June Carey:

> Hi.

re

> In the OpenBSD-2.9 random(4) manual pages, it says: "The entropy
> pool is converted into output data using MD5"; /dev/srandom,
> /dev/urandom.
>
> I believe the implementation of these devices was "taken" from FreeBSD,
> hence the Cc:.

no, it was not.

> I suggest that the MD5 algorithm is removed and replaced with what I call
> the "XOR-fold-technique". As I'm sure you know, the one-time-pad cipher
> consists of a key-stream synchronously XOR'd with a data-stream.
>
> The "XOR-fold-technique" is the same thing, but applied to only one stream.
> For example, if you have a (secret) 16-byte quantity, you halve it in size
> (8 bytes) and XOR one half with the other. The product is as secure as the
> one-time-pad cipher, i.e. it is a perfect one-way "hash".

and it does both at the moment, md5 and, then, fold it in half.

> The replacement of MD5 with "XOR-fold" has the following advantages:
>
> (1) Guaranteed one-way function; MD5 is at best supposition.
> (2) Massive performance increase.
> (3) The algorithm automatically scales to the input size, whereas MD5
> produces a constant sized output (128-bits from memory ?)
>
> Disadvantages:
>
> None ?

yeah, right. and now think which qualities an output hash function should
have and what your approach has?

cu
--
    paranoic mickey       (my employers have changed but, the name has remained)
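The closing question above (which qualities an output hash function needs, and which ones plain XOR-fold has) can be answered concretely. The following is an added example, not code from the thread or from the OpenBSD driver: it models the proposed XOR-fold and the "MD5 then fold" scheme the reply describes, and shows that plain XOR-fold is trivially invertible and linear, so it cannot hide the pool state. The function names and the sample pool contents are constructed for this illustration.

```python
import hashlib


def xor_fold(data: bytes) -> bytes:
    """XOR the first half of data with the second half (the proposed "XOR-fold")."""
    half = len(data) // 2
    return bytes(a ^ b for a, b in zip(data[:half], data[half:half * 2]))


def md5_then_fold(pool: bytes) -> bytes:
    """Hash the pool with MD5, then fold the 16-byte digest down to 8 bytes.
    This only models the order of operations the reply describes ("md5 and,
    then, fold it in half"); the real kernel code is not reproduced here."""
    return xor_fold(hashlib.md5(pool).digest())


def fold_preimage(output: bytes, left_half: bytes) -> bytes:
    """Build a preimage for plain XOR-fold: choose ANY left half and solve
    for the right half. Because this works for every output and every
    choice of left half, XOR-fold has no preimage resistance at all."""
    right_half = bytes(o ^ l for o, l in zip(output, left_half))
    return left_half + right_half


def fold_is_linear(a: bytes, b: bytes) -> bool:
    """XOR-fold is linear over GF(2): fold(a) ^ fold(b) == fold(a ^ b).
    Each output byte is therefore a fixed linear equation on the pool
    bytes, which is exactly what an entropy pool output must not leak."""
    a_xor_b = bytes(x ^ y for x, y in zip(a, b))
    lhs = bytes(x ^ y for x, y in zip(xor_fold(a), xor_fold(b)))
    return lhs == xor_fold(a_xor_b)


if __name__ == "__main__":
    # Constructed sample "pool" contents for the demo; not real entropy.
    pool_a = bytes(range(16))
    pool_b = b"0123456789abcdef"
    out = xor_fold(pool_a)
    forged = fold_preimage(out, b"\x00" * 8)
    print("xor-fold output   :", out.hex())
    print("forged preimage   :", forged.hex(), "-> folds to", xor_fold(forged).hex())
    print("xor-fold linear?  :", fold_is_linear(pool_a, pool_b))
    print("md5 then fold     :", md5_then_fold(pool_a).hex())
```

The MD5 step is what breaks the linear relation between pool and output; folding the digest afterwards only shortens it, it does not make a non-hashed pool safe.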