Date: Fri, 9 Jun 2000 23:33:13 -0700
From: "Andrey A. Chernov" <ache@freebsd.org>
To: "Jeroen C. van Gelderen" <jeroen@vangelderen.org>
Cc: Mark Murray <mark@grondar.za>, Kris Kennaway <kris@FreeBSD.ORG>, current@FreeBSD.ORG
Subject: Re: mktemp() patch
Message-ID: <20000609233313.A46973@freebsd.org>
In-Reply-To: <20000609232358.A38967@freebsd.org>; from ache@freebsd.org on Fri, Jun 09, 2000 at 11:23:58PM -0700
References: <394124C3.221E61BC@vangelderen.org> <200006092002.WAA00773@grimreaper.grondar.za> <20000609155342.B33329@freebsd.org> <39417FA5.F260EAA8@vangelderen.org> <20000609232358.A38967@freebsd.org>
On Fri, Jun 09, 2000 at 11:23:58PM -0700, Andrey A. Chernov wrote:
> On Fri, Jun 09, 2000 at 07:37:09PM -0400, Jeroen C. van Gelderen wrote:
> > > Why XOR true random bits from arc4random() with non-random bits from
> > > getpid()? It only weakens. The better way is just to remove any getpid() code and
> > > leave arc4random() only.
> >
> > Then you will get collisions which you will have to deal with. I am not
> > familiar with the code but if we can handle collisions nicely then that
> > would be the way to go: 64^6 = 2^36 possibilities which is nice...
>
> 1) Just totally opposite: mixing random with non-random sources you'll get
> into collision much faster than with random source only.

To clarify this: I mean the getpid() ^ arc4random() suggestion only. The current variant is more complex because part of the name is getpid() to avoid collision and part is random. But avoiding collision in this way is less secure because it is more predictable for an attacker.

--
Andrey A. Chernov <ache@nagual.pp.ru>
http://ache.pp.ru/
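As an added illustration (not code from this thread or from FreeBSD's libc), the two template-filling strategies under discussion side by side, plus a birthday-bound estimate of how quickly each runs into collisions for a given number of names; the 64-symbol alphabet, the "XXXXXX" template handling and the convention that the pid's decimal digits occupy the trailing X positions are assumptions made for the example.

```python
import math
import secrets

# Constructed 64-symbol alphabet: 6 bits per position, so six X's give 2^36 names.
ALPHABET = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ._"
assert len(ALPHABET) == 64


def fill_random(template: str) -> str:
    """Random-only variant: every 'X' is drawn from a CSPRNG (stand-in for arc4random())."""
    return "".join(secrets.choice(ALPHABET) if c == "X" else c for c in template)


def fill_pid_then_random(template: str, pid: int) -> str:
    """pid-plus-random variant (assumed layout): the decimal digits of pid occupy the
    trailing 'X' positions and only the leading 'X's stay random. Two processes can
    never produce the same name, but the digit part is known to anyone who learns the pid."""
    chars = list(template)
    for i in reversed([i for i, c in enumerate(template) if c == "X"]):
        if pid == 0:
            break
        chars[i] = str(pid % 10)  # excess pid digits beyond the X's are simply dropped
        pid //= 10
    return "".join(secrets.choice(ALPHABET) if c == "X" else c for c in chars)


def random_positions(template: str, pid: int) -> int:
    """How many template positions remain random once the pid digits are placed."""
    return max(0, template.count("X") - len(str(pid)))


def collision_probability(n_names: int, k_random_positions: int) -> float:
    """Birthday-bound estimate that at least two of n_names names, each drawn uniformly
    from the 64**k values left to chance, are identical."""
    space = 64 ** k_random_positions
    pairs = n_names * (n_names - 1) / 2
    return 1.0 - math.exp(-pairs / space)


if __name__ == "__main__":
    print(fill_random("/tmp/fooXXXXXX"))
    print(fill_pid_then_random("/tmp/fooXXXXXX", 12345))
    # Random-only: 100000 names out of 2^36 collide with probability of roughly 7%.
    print(round(collision_probability(100_000, 6), 3))
    # pid-then-random with a 5-digit pid leaves one random symbol (64 names per pid):
    # 100 names from one process collide almost surely.
    print(round(collision_probability(100, random_positions("XXXXXX", 12345)), 3))
```

The numbers make the trade-off in the thread concrete: the pid digits remove cross-process collisions but shrink the unpredictable part of the name, so the per-process name space collapses.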
Archived at: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000609233313.A46973>