Message-Id: <200303120001.h2C01aTL029674@cvs.openbsd.org>
To: Robin Carey
Cc: bugs@openbsd.org, freebsd-bugs@freebsd.org
Subject: Re: ARC4 algorithm
In-reply-to: Your message of "Tue, 11 Mar 2003 15:51:27 PST."
Date: Tue, 11 Mar 2003 17:01:36 -0700
From: Theo de Raadt
Sender: owner-freebsd-bugs@FreeBSD.ORG

> Fact: The ARC4 algorithm is multiply and badly broken.
> So why is it still being used in OpenBSD and FreeBSD ?
>
> Here are two URLs which have free source code for CSPRNGs which are
> vastly superior to ARC4:
>
> http://www.burtleburtle.net/bob/rand/isaac.html
> http://wizardsworks.org/~robin/leopard.html
>
> Anybody who chooses to reply to this email better do so in a polite and
> friendly manner.

OK, how's this for polite:

It is used because it is not nearly as broken as you claim it to be.
Perhaps you are reading different books than I am reading. Perhaps
you are not aware that the code is using well documented workarounds.

Secondly, we are not using replacements that are new and as yet not
well researched.

Thirdly, we are using ARC4 in places where it has specific values, and
I would be utterly shocked to see you find us using it in a place
where the flaws matter.

Is using ARC4 in our random number generator a security flaw? Please
describe exactly how, but when you do, please don't include me in the
cc.

I must thank you for your detailed analysis showing how we are using
it wrong.

Forever in your debt,
Theo.