Date: Sun, 11 May 2003 16:05:37 -0700 From: Stephen Samuel <samuel@bcgreen.com> To: Robin Carey <robin@wizardsworks.org> Cc: bugs@openbsd.org Subject: Re: /dev/random and /dev/urandom Message-ID: <3EBED741.9050000@bcgreen.com> In-Reply-To: <Pine.LNX.4.44.0305101426170.4644-100000@wizardsworks.org> References: <Pine.LNX.4.44.0305101426170.4644-100000@wizardsworks.org>
Robin Carey wrote:
> I've been looking at the FreeBSD and OpenBSD source code for these
> pseudo-devices; they both use MD5.
>
> But as I'm sure we all know, the security of MD5 is in doubt, and that's
> according to the FreeBSD manual pages (I haven't checked OpenBSD).
> According to the SSH Communications Security Website, MD5 should not be
> used in "new" programs.
>
> So the point I am making is that a better cryptographic checksum like SHA1
> should be used instead.

I'm going to answer this without looking at the code, and making some
presumptions...

My guess is that the code uses MD5 to generate a 'randomized' value using
bits from the internal entropy pool. If that's what it's doing, then the
'insecurity' of MD5 isn't an issue, because there's almost no (or almost
no) value for an attacker to attempt to generate collisions. Fact of the
matter is that they probably don't have enough info to do something like
that if they wanted to.

To put it another way: Addition may be cryptographically insecure, but that
doesn't mean that you can't use it to calculate a hash.

-- 
Stephen Samuel +1(604)876-0426 samuel@bcgreen.com
http://www.bcgreen.com/~samuel/
Powerful committed communication, reaching through fear, uncertainty and
doubt to touch the jewel within each person and bring it to life.
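As an added illustration of the design Stephen presumes (this is a constructed model, not FreeBSD's or OpenBSD's code and not part of the thread), the digest below is only the extractor that turns secret pool state into output bytes; the digest name, the counter scheme and the post-read stirring step are all assumptions of this toy, and swapping MD5 for SHA-1 changes nothing about the role the hash plays.

```python
import hashlib


class ToyPool:
    """Minimal hash-based output extractor (constructed example).

    Assumed design: the pool is a fixed-size byte string, new entropy is
    folded in by hashing, and each output block is digest(pool || counter).
    The attacker never sees the pool, so what matters is that the digest is
    one-way and unpredictable on secret input, not that collisions are hard
    to find for attacker-chosen messages.
    """

    def __init__(self, digest: str, seed: bytes) -> None:
        self.digest = digest          # e.g. "md5" or "sha1" (hashlib names)
        self.pool = hashlib.new(digest, seed).digest()
        self.counter = 0

    def stir(self, entropy: bytes) -> None:
        """Mix fresh entropy (e.g. timing samples) into the pool state."""
        self.pool = hashlib.new(self.digest, self.pool + entropy).digest()

    def read(self, n: int) -> bytes:
        """Return n output bytes derived from the current pool state."""
        out = b""
        while len(out) < n:
            block = hashlib.new(
                self.digest, self.pool + self.counter.to_bytes(8, "big")
            ).digest()
            self.counter += 1
            out += block
        # Replace the pool state after each read so a later compromise of
        # the pool does not let an attacker recompute past output.
        self.pool = hashlib.new(self.digest, self.pool + b"\x00").digest()
        return out[:n]


def same_design_different_digest(seed: bytes, n: int) -> tuple[bytes, bytes]:
    """Same extractor run with MD5 and with SHA-1 over one constructed seed."""
    return ToyPool("md5", seed).read(n), ToyPool("sha1", seed).read(n)
```

The extractor is deterministic for a given pool state and produces different streams once the pool differs by a single stirred byte, which is the property a caller of /dev/random actually depends on.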