Date: Tue, 22 Jul 2008 14:48:26 +0400
From: Andrey Chernov
To: Poul-Henning Kamp
Cc: cvs-src@FreeBSD.org, src-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/lib/libc/gen arc4random.c
Message-ID: <20080722104826.GA76326@nagual.pp.ru>
References: <200807221031.m6MAVe9I012301@repoman.freebsd.org> <37711.1216722891@critter.freebsd.dk>
In-Reply-To: <37711.1216722891@critter.freebsd.dk>

On Tue, Jul 22, 2008 at 10:34:51AM +0000, Poul-Henning Kamp wrote:
> In message <200807221031.m6MAVe9I012301@repoman.freebsd.org>, "Andrey A. Chernov" writes:
> 
> > Increase initially dropped bytes from 512 to 768 (768 is also
> > suggested in Ilya Mironov's article). 768 is taken from other
> > research, where it is treated as the default for RC4-drop(768):
> > http://www.users.zetnet.co.uk/hopwood/crypto/scan/cs.html#RC4-drop
> 
> I've always wondered why the dropped number of bytes is constant,
> wouldn't it be smarter to drop a constant number, and then pull
> out the next byte and drop that many further bytes ?

From a math point of view, a small pseudo-random dropping fraction added will
not increase distribution significantly. With good seeding from the kernel
PRNG even 256 bytes is enough (as OpenBSD currently does). It is just for a
formal RC4-drop(768) implementation as described and for rare corner
cases when /dev/urandom is unavailable.

-- 
http://ache.pp.ru/
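RC4-drop(n) as discussed in the thread, written out as an added example (this is not the arc4random.c code from the commit): the key schedule, the PRGA, the fixed drop of the first n bytes, and the variable-length drop that Poul-Henning proposes. The function names and the `fixed + 1 + extra` accounting for the variable drop are assumptions of mine.

```c
#include <stdint.h>
#include <string.h>
/* RC4 state: the permutation S and the two PRGA indices. */
typedef struct { uint8_t s[256]; uint8_t i, j; } rc4_ctx;

/* Key-scheduling algorithm (KSA). */
static void rc4_init(rc4_ctx *c, const uint8_t *key, size_t klen)
{
    uint8_t j = 0;
    for (int i = 0; i < 256; i++) c->s[i] = (uint8_t)i;
    for (int i = 0; i < 256; i++) {
        j = (uint8_t)(j + c->s[i] + key[i % klen]);
        uint8_t t = c->s[i]; c->s[i] = c->s[j]; c->s[j] = t;
    }
    c->i = c->j = 0;
}

/* One PRGA step: returns the next keystream byte. */
static uint8_t rc4_byte(rc4_ctx *c)
{
    c->i = (uint8_t)(c->i + 1);
    c->j = (uint8_t)(c->j + c->s[c->i]);
    uint8_t t = c->s[c->i]; c->s[c->i] = c->s[c->j]; c->s[c->j] = t;
    return c->s[(uint8_t)(c->s[c->i] + c->s[c->j])];
}

/* RC4-drop(n): discard the first n keystream bytes, which carry the
 * key-schedule-related biases; the commit sets n = 768. */
static void rc4_drop(rc4_ctx *c, size_t n) { while (n--) (void)rc4_byte(c); }

/* Variant floated in the thread (name assumed): drop a fixed count, then
 * read one keystream byte and drop that many more. Returns total dropped. */
static size_t rc4_drop_variable(rc4_ctx *c, size_t fixed)
{
    rc4_drop(c, fixed);
    uint8_t extra = rc4_byte(c);
    rc4_drop(c, extra);
    return fixed + 1 + extra;
}

/* n keystream bytes for key after discarding `drop` bytes. */
static void rc4_keystream(const uint8_t *key, size_t klen, size_t drop,
                          uint8_t *out, size_t n)
{
    rc4_ctx c;
    rc4_init(&c, key, klen);
    rc4_drop(&c, drop);
    for (size_t k = 0; k < n; k++) out[k] = rc4_byte(&c);
}
```

Either drop just resumes the same keystream at a later offset; the variable form moves the start by a further 1 to 256 bytes, which is the "small pseudo-random dropping fraction" the reply refers to.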