Date: Mon, 25 Feb 2019 03:43:51 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 236010] rand(3) values strongly correlate with time while this doesn't have to be the case Message-ID: <bug-236010-227-3llwQxEFXG@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-236010-227@https.bugs.freebsd.org/bugzilla/> References: <bug-236010-227@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D236010 Kubilay Kocak <koobs@FreeBSD.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags| |maintainer-feedback?(sectea | |m@FreeBSD.org) Assignee|bugs@FreeBSD.org |secteam@FreeBSD.org CC| |secteam@FreeBSD.org, | |security@FreeBSD.org Status|New |Open Keywords| |needs-qa Severity|Affects Only Me |Affects Some People --- Comment #1 from Kubilay Kocak <koobs@FreeBSD.org> --- This sounds like a request to improve the algorithm, not necessarily achiev= ing 'cryptographically secure', given these details from man rand(3): rand, srand, sranddev, rand_r =E2=80=93 bad random number generator <snip> The functions described in this manual page are not cryptographically secure. Cryptographic applications should use arc4random(3) instead. These interfaces are obsoleted by random(3). <snip> For better generator quality, use random(3) or lrand48(3). --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-236010-227-3llwQxEFXG>