From owner-freebsd-current Fri Jun 9 15:53:47 2000 Delivered-To: freebsd-current@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 542) id D446137BD55; Fri, 9 Jun 2000 15:53:42 -0700 (PDT) Date: Fri, 9 Jun 2000 15:53:42 -0700 From: "Andrey A. Chernov" To: Mark Murray Cc: "Jeroen C. van Gelderen" , Kris Kennaway , current@FreeBSD.ORG Subject: Re: mktemp() patch Message-ID: <20000609155342.B33329@freebsd.org> References: <394124C3.221E61BC@vangelderen.org> <200006092002.WAA00773@grimreaper.grondar.za> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.4i In-Reply-To: <200006092002.WAA00773@grimreaper.grondar.za>; from mark@grondar.za on Fri, Jun 09, 2000 at 10:02:44PM +0200 Organization: Biomechanoid Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri, Jun 09, 2000 at 10:02:44PM +0200, Mark Murray wrote: > > > But I repeat myself; are you still intending to use cryptographic security > > > for one bit? What does that buy you? An attacker will laugh at the waste > > > of resources that went into a coin-flip :-). Much better is to use something > > > cheaper like time-of-day XOR 1 << whatever. > > > > Pseudo random numbers are so cheap (or they should be) that you > > just don't want to try and 'optimize' here. It is much better to > > be conservative and use a good PRNG until it *proves* to be very > > problematic. > > Why not just XOR the whole lot into the current ${randomnumber}? > That way, at least the effort of the whole calculation is not wasted > as much. Why to XOR true random bits from arc4random() with non-random bits from getpid()? It only weakens. Better way is just remove any getpid() code and left arc4random() only. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message