From owner-freebsd-numerics@FreeBSD.ORG Tue Mar 17 18:46:23 2015
Date: Tue, 17 Mar 2015 11:46:18 -0700
From: Steve Kargl
To: "Dennis E. Hamilton"
Cc: freebsd-numerics@FreeBSD.org, 'Pedro Giffuni'
Subject: Re: Random number generators
Message-ID: <20150317184618.GA24951@troutmask.apl.washington.edu>
In-Reply-To: <00a001d060d7$0077f100$0167d300$@acm.org>
List-Id: "Discussions of high quality implementation of libm functions."
On Tue, Mar 17, 2015 at 10:22:51AM -0700, Dennis E. Hamilton wrote:
>
> If you are serious about crypto grade randomness, libc is probably
> not the answer. Generally, I don't think reliance on a single
> generator for general purpose use and for cryptographic quality
> is going to work well. This is a very context-sensitive situation
> and addressing specific threat models against cryptographic PRGs
> is a very different matter from wanting unpredictable and good
> quality pseudo-randoms for simulations and other purposes.
>

I interpreted Pedro's original email to mean something better than
rand(3) and random(3). Neither is appropriate for crypto, and I'm
certainly not claiming KISS by GM is suitable for crypto either. In
fact, others have shown KISS isn't a good source for crypto
(http://eprint.iacr.org/2011/007.pdf). For crypto randomness, as
Pedro stated, use arc4random(3).

kiss(), as I posted here, is good enough to deal cards and to do
Monte Carlo simulations in various fields of physics.

-- 
Steve
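As an added illustration (not code from the thread; Steve's own kiss() posting is not on this page), here is Marsaglia's 1999 KISS combination of a multiply-with-carry, a three-shift xorshift and a linear congruential generator as published in his newsgroup description, driven through a Fisher-Yates deal of a 52-card deck. The seed constants, the rejection sampler and the helper names are assumptions of this example, not anything from the thread. The last function demonstrates the property that makes KISS fine for simulation and unsuitable for crypto: the entire output stream is a deterministic function of 128 bits of state, so anyone who learns or guesses that state reproduces every future card. The crypto alternative the thread names, arc4random(3), is deliberately not used here so the block stays portable to any C compiler.

```c
/* Added example, not from the original thread. Marsaglia's 1999 KISS
 * (MWC + SHR3 + CONG) as commonly published; the seeds, helpers and the
 * card-dealing wrapper are assumptions made for this illustration. */
#include <stdint.h>
#include <stdio.h>

#define DECK_SIZE 52

struct kiss_state {
    uint32_t z, w, jsr, jcong;
};

/* Seed with four 32-bit words. Every later output is a pure function of
 * these 128 bits, which is exactly why the generator is not crypto grade.
 * Zero inputs fall back to Marsaglia's published defaults, because the MWC
 * halves and the xorshift word must not be zero. */
static void kiss_seed(struct kiss_state *s, uint32_t z, uint32_t w,
                      uint32_t jsr, uint32_t jcong)
{
    s->z = z ? z : 362436069u;
    s->w = w ? w : 521288629u;
    s->jsr = jsr ? jsr : 123456789u;
    s->jcong = jcong ? jcong : 380116160u;
}

/* One 32-bit KISS output: (MWC ^ CONG) + SHR3. */
static uint32_t kiss_next(struct kiss_state *s)
{
    uint32_t mwc, shr3, cong;

    s->z = 36969u * (s->z & 65535u) + (s->z >> 16);   /* multiply-with-carry */
    s->w = 18000u * (s->w & 65535u) + (s->w >> 16);
    mwc = (s->z << 16) + s->w;

    s->jsr ^= s->jsr << 17;                           /* 3-shift xorshift */
    s->jsr ^= s->jsr >> 13;
    s->jsr ^= s->jsr << 5;
    shr3 = s->jsr;

    s->jcong = 69069u * s->jcong + 1234567u;          /* congruential */
    cong = s->jcong;

    return (mwc ^ cong) + shr3;
}

/* Uniform integer in [0, n) by rejection sampling, so the deal has no
 * modulo bias. `limit` is the largest multiple of n not exceeding 2^32. */
static uint32_t kiss_uniform(struct kiss_state *s, uint32_t n)
{
    uint32_t limit = UINT32_MAX - (UINT32_MAX % n);
    uint32_t r;
    do {
        r = kiss_next(s);
    } while (r >= limit);
    return r % n;
}

/* Fisher-Yates shuffle of cards 0..51 in place. */
static void kiss_shuffle_deck(struct kiss_state *s, uint8_t deck[DECK_SIZE])
{
    for (int i = 0; i < DECK_SIZE; i++)
        deck[i] = (uint8_t)i;
    for (int i = DECK_SIZE - 1; i > 0; i--) {
        uint32_t j = kiss_uniform(s, (uint32_t)i + 1u);
        uint8_t t = deck[i];
        deck[i] = deck[j];
        deck[j] = t;
    }
}

/* Returns 1 if a deck dealt from this seed is a permutation of 0..51. */
static int shuffle_and_verify(uint32_t z, uint32_t w, uint32_t jsr, uint32_t jcong)
{
    struct kiss_state s;
    uint8_t deck[DECK_SIZE];
    int seen[DECK_SIZE] = {0};

    kiss_seed(&s, z, w, jsr, jcong);
    kiss_shuffle_deck(&s, deck);
    for (int i = 0; i < DECK_SIZE; i++) {
        if (deck[i] >= DECK_SIZE || seen[deck[i]])
            return 0;
        seen[deck[i]] = 1;
    }
    return 1;
}

/* The security-relevant caveat: two generators holding the same 16 bytes
 * of state agree on every one of the next `count` outputs. A player who
 * recovers the dealer's state predicts the whole shoe. */
static int kiss_is_reproducible(uint32_t z, uint32_t w, uint32_t jsr,
                                uint32_t jcong, int count)
{
    struct kiss_state a, b;
    kiss_seed(&a, z, w, jsr, jcong);
    kiss_seed(&b, z, w, jsr, jcong);
    for (int i = 0; i < count; i++)
        if (kiss_next(&a) != kiss_next(&b))
            return 0;
    return 1;
}

int main(void)
{
    struct kiss_state s;
    uint8_t deck[DECK_SIZE];

    kiss_seed(&s, 12345u, 65435u, 34221u, 12345u);  /* constructed seed */
    kiss_shuffle_deck(&s, deck);
    printf("first five cards:");
    for (int i = 0; i < 5; i++)
        printf(" %u", deck[i]);
    printf("\nreproducible from state: %d\n",
           kiss_is_reproducible(12345u, 65435u, 34221u, 12345u, 1000));
    return 0;
}
```

Build with `cc -std=c99 -O2 kiss_deal.c` and run; the permutation check is what a Monte Carlo user cares about, the reproducibility check is what a card room or a key generator should be frightened by.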