Date:      Sun, 01 Oct 1995 22:26:41 +0200
From:      Mark Murray <mark@grondar.za>
To:        Terry Lambert <terry@lambert.org>
Cc:        mark@grondar.za (Mark Murray), hackers@FreeBSD.ORG
Subject:   Re: How to get to the hardware? 
Message-ID:  <199510012026.WAA07503@grumble.grondar.za>

> > I am working on a device (/dev/random) to give truly nasty random numbers
> > for crypto/security use, and it is mostly going OK. I have some code
> > written by Theodore Ts'o, and it is good stuff, but it is for the Linux
> > kernel. Could someone please suggest to me the best way of doing the
> > following in the FreeBSD kernel: (I am not sure I like the concept of just
> > messing with the timer directly, and yes, I have had a look at microtime.s)
> > The bits I do not like are the outb_p() and inb_p(). There _has_ to be a
> > better way...
> 
> The code shown is pseudo-random.

The insides of Ts'o's code hunt down many unpredictable and volatile
parameters in your machine, stirring them into a 'pool of entropy'
from which some truly nasty numbers can be drawn.

> What's wrong with the linear congruential algorithm in ran48/drand48?

Everything. They are not random, and they form a trackable sequence.

The idea here is to generate a completely unpredictable starting point
from which an exponential key exchange can springboard itself.

Netscape was cracked because the possible starting points (time based)
were from too small a set, and a bit of computing power broke it.

This was well publicised on the net.

M

--
Mark Murray
46 Harvey Rd, Claremont, Cape Town 7700, South Africa
+27 21 61-3768 GMT+0200
Finger mark@grumble.grondar.za for PGP key
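The two points Mark makes above, that drand48's linear congruential generator is a trackable sequence and that a pool of entropy is the alternative, can be shown side by side. The following is an added example written for this archive page; it is not code from the thread, from Ts'o's driver, or from FreeBSD. It re-implements the POSIX drand48 recurrence (X_{n+1} = (a*X_n + c) mod 2^48 with the constants from the spec) to show that anyone holding the 48-bit state reproduces every later output, and beside it sketches a hash-based entropy pool in the spirit Mark describes. The `EntropyPool` class, its SHA-256 mixing, its conservative per-event credit rule and the constructed interrupt timestamps are all assumptions of this example, not the design of the original driver.

```python
import hashlib
from typing import List, Optional

# POSIX drand48 family: X_{n+1} = (A * X_n + C) mod 2^48.
A = 0x5DEECE66D
C = 0xB
M = 1 << 48


def srand48_state(seed: int) -> int:
    """State left by srand48(): the 32-bit seed in the high bits, 0x330E in the low 16."""
    return ((seed & 0xFFFFFFFF) << 16) | 0x330E


def lcg_step(state: int) -> int:
    """One step of the recurrence; the whole future of the generator follows from this."""
    return (A * state + C) % M


def lrand48_sequence(seed: int, n: int) -> List[int]:
    """Emulate srand48(seed) followed by n calls to lrand48() (high 31 bits of the state)."""
    state = srand48_state(seed)
    out = []
    for _ in range(n):
        state = lcg_step(state)
        out.append(state >> 17)
    return out


def predict_rest(state: int, n: int) -> List[int]:
    """Given the current 48-bit state, produce the next n lrand48() outputs.

    This is the 'trackable sequence' property: the outputs are a deterministic
    function of the state, with no unpredictability added between calls.
    """
    out = []
    for _ in range(n):
        state = lcg_step(state)
        out.append(state >> 17)
    return out


class EntropyPool:
    """Simplified sketch (an assumption of this example) of a hash-mixed entropy pool.

    Unpredictable event data is hashed into a fixed-size pool, a conservative
    entropy credit is tracked, and outputs are derived from the pool rather
    than handed out as raw event data.
    """

    POOL_BYTES = 32

    def __init__(self) -> None:
        self.pool = bytes(self.POOL_BYTES)
        self.entropy_bits = 0
        self._last_stamp: Optional[int] = None

    def mix(self, event: bytes, credit_bits: int) -> None:
        # Mixing is a one-way hash of old pool || event, so an observer who sees
        # later outputs cannot unwind the pool to recover individual events.
        self.pool = hashlib.sha256(self.pool + event).digest()
        self.entropy_bits = min(8 * self.POOL_BYTES, self.entropy_bits + credit_bits)

    def mix_timing(self, stamp_us: int) -> None:
        """Mix one event timestamp (microseconds), crediting only the jitter between events."""
        if self._last_stamp is not None:
            delta = stamp_us - self._last_stamp
            # Conservative credit rule (assumption): at most 8 bits per event, and only
            # as many bits as the inter-arrival jitter has; back-to-back events earn nothing.
            credit = min(8, max(0, abs(delta).bit_length() - 1))
        else:
            credit = 0
        self._last_stamp = stamp_us
        self.mix(stamp_us.to_bytes(8, "little"), credit)

    def ready(self, nbytes: int) -> bool:
        """A blocking /dev/random refuses to hand out more than it has credited."""
        return self.entropy_bits >= 8 * nbytes

    def extract(self, nbytes: int) -> bytes:
        if nbytes > self.POOL_BYTES or not self.ready(nbytes):
            raise RuntimeError("insufficient entropy credited in pool")
        output = hashlib.sha256(b"extract" + self.pool).digest()[:nbytes]
        # Re-key the pool after every extraction so a captured pool state does not
        # reveal outputs that were handed out earlier.
        self.pool = hashlib.sha256(b"rekey" + self.pool).digest()
        self.entropy_bits -= 8 * nbytes
        return output


# Constructed sample: interrupt arrival times in microseconds with irregular gaps.
SAMPLE_STAMPS_US = [1000, 1842, 4096, 4097, 9250, 20111, 20999, 35000, 36120, 50333]


def fill_pool(stamps: List[int]) -> EntropyPool:
    pool = EntropyPool()
    for s in stamps:
        pool.mix_timing(s)
    return pool
```

Running `lrand48_sequence(1, 3)` and `predict_rest(...)` from any intermediate state gives identical continuations, which is the whole of Mark's objection to an LCG as a key-exchange starting point. The pool, by contrast, only yields bytes once its credited jitter covers the request, and the same event stream always rebuilds the same pool, so the example can be checked deterministically.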