From owner-freebsd-current Sun Jun 11 0:56:48 2000
Delivered-To: freebsd-current@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 542) id 63F0137C84D; Sun, 11 Jun 2000 00:56:42 -0700 (PDT)
Date: Sun, 11 Jun 2000 00:56:42 -0700
From: "Andrey A. Chernov"
To: Mark Murray
Cc: "Jeroen C. van Gelderen" , Kris Kennaway , current@FreeBSD.ORG
Subject: Re: mktemp() patch
Message-ID: <20000611005642.A53004@freebsd.org>
References: <20000610195102.D99504@freebsd.org> <200006110724.JAA70920@grimreaper.grondar.za>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.95.4i
In-Reply-To: <200006110724.JAA70920@grimreaper.grondar.za>; from mark@grondar.za on Sun, Jun 11, 2000 at 09:24:37AM +0200
Organization: Biomechanoid
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Sun, Jun 11, 2000 at 09:24:37AM +0200, Mark Murray wrote:
> > If it does not weaken it, I can't see why it strengthens it.
> > I.e. you can constantly strengthen the generator by passing it through XOR -1?
> > If not, why is any other value better than -1?
>
> Huh? -1 is a constant, not random. Pass your data through _random_ bits,
> XORing it with them, and you have unbreakable crypto (one-time-pad) if you
> make a record of the random bits (the key).

Yes, if passing _random_ through -1 _data_ does not strengthen it, passing
it through 1,2,3,4... _data_ will not strengthen it either.

If an attacker tries to predict the random number generator itself and knows
the pid and the mktemp() algorithm, adding getpid() bits he already knows will
not stop him from this attack unless you plan to keep the mktemp() algorithm
secret.

--
Andrey A. Chernov
http://ache.pp.ru/
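The point argued in this exchange, as an added example that is not part of the original message and is not FreeBSD's mktemp() code: XORing a generator's output with a mask changes the number of values an observer must consider only when the mask is unknown to that observer. The generator `toy_prng`, the 256-state seed space and the pid value 1234 are constructed assumptions for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SEED_SPACE 256u   /* constructed: the generator has only 256 possible states */

/* Hypothetical toy generator (one 16-bit LCG step), standing in for a
 * predictable PRNG. It is not the mktemp() code under discussion. */
static uint16_t toy_prng(uint16_t seed)
{
    return (uint16_t)(seed * 25173u + 13849u);
}

/* Count the distinct values toy_prng(seed) ^ mask can take when the observer
 * knows only that mask lies in [mask_lo, mask_hi]. A mask the observer can
 * read (such as a pid) is the case mask_lo == mask_hi. */
static size_t candidate_count(uint16_t mask_lo, uint16_t mask_hi)
{
    static uint8_t seen[65536];
    size_t count = 0;

    memset(seen, 0, sizeof seen);
    for (uint32_t mask = mask_lo; mask <= mask_hi; mask++) {
        for (uint32_t seed = 0; seed < SEED_SPACE; seed++) {
            uint16_t v = toy_prng((uint16_t)seed) ^ (uint16_t)mask;
            if (!seen[v]) {
                seen[v] = 1;
                count++;
            }
        }
    }
    return count;
}

int main(void)
{
    /* XOR with a known value is a bijection: the candidate set is relabelled,
     * not enlarged. Only a mask drawn from unknown bits enlarges it. */
    printf("no mask:            %zu candidates\n", candidate_count(0, 0));
    printf("known pid 1234:     %zu candidates\n", candidate_count(1234, 1234));
    printf("secret 16-bit mask: %zu candidates\n", candidate_count(0, 0xFFFF));
    return 0;
}
```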