Date: Fri, 09 Jun 2000 13:09:23 -0400 From: "Jeroen C. van Gelderen" <jeroen@vangelderen.org> To: Mark Murray <mark@grondar.za> Cc: Kris Kennaway <kris@FreeBSD.ORG>, current@FreeBSD.ORG Subject: Re: mktemp() patch Message-ID: <394124C3.221E61BC@vangelderen.org> References: <Pine.BSF.4.21.0006072338550.73192-100000@freefall.freebsd.org> <200006081724.TAA00705@grimreaper.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help
Mark Murray wrote:
>
> > > What is the purpose of this? It looks hugely wasteful to me. If you
> > > really need a single random bit, it is not good to waste a block of
> > > hard-gained gryptographic randomness; can you not use a pseudo-random
> > > bit-generator?
> >
> > arc4random() does not consume entropy except the first time it is called
> > and when explicitly reseeded through arc4random_stir(). Apart from that
> > it's a deterministic function (the arc4 stream cipher), but it's still a
> > reasonably good cryptographic PRNG because arc4 is a cryptographically
> > strong algorithm.
>
> But I repeat myself; are you still intending to use cryptographic security
> for one bit? What does that buy you? An attacker will laugh at the waste
> of resources that went into a coin-flip :-). Much better is to use something
> cheaper like time-of-day XOR 1 << whatever.
Pseudo random numbers are so cheap (or they should be) that you
just don't want to try and 'optimize' here. It is much better to
be conservative and use a good PRNG until it *proves* to be very
problematic.
Cheers,
Jeroen
--
Jeroen C. van Gelderen o _ _ _
jeroen@vangelderen.org _o /\_ _ \\o (_)\__/o (_)
_< \_ _>(_) (_)/<_ \_| \ _|/' \/
(_)>(_) (_) (_) (_) (_)' _\o_
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?394124C3.221E61BC>