From owner-freebsd-current Wed Jun 7 23:44: 6 2000 Delivered-To: freebsd-current@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id B0A3E37BAE2; Wed, 7 Jun 2000 23:44:03 -0700 (PDT) (envelope-from kris@FreeBSD.org) Received: from localhost (kris@localhost) by freefall.freebsd.org (8.9.3/8.9.2) with ESMTP id XAA86883; Wed, 7 Jun 2000 23:44:03 -0700 (PDT) (envelope-from kris@FreeBSD.org) X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs Date: Wed, 7 Jun 2000 23:44:02 -0700 (PDT) From: Kris Kennaway To: Mark Murray Cc: current@FreeBSD.ORG Subject: Re: mktemp() patch In-Reply-To: <200006080629.IAA04362@grimreaper.grondar.za> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, 8 Jun 2000, Mark Murray wrote: > Hi > > > + /* Encode the PID (with 1 bit of randomness) into 3 base-64 chars */ > > + pid = getpid() | (arc4random() & 0x00020000); > > What is the purpose of this? It looks hugely wasteful to me. If you > really need a single random bit, it is not good to waste a block of > hard-gained gryptographic randomness; can you not use a pseudo-random > bit-generator? arc4random() does not consume entropy except the first time it is called and when explicitly reseeded through arc4random_stir(). Apart from that it's a deterministic function (the arc4 stream cipher), but it's still a reasonably good cryptographic PRNG because arc4 is a cryptographically strong algorithm. Kris -- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message