From owner-freebsd-current Sun Feb 2 1:11:10 2003 Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 84FC637B401 for ; Sun, 2 Feb 2003 01:11:08 -0800 (PST) Received: from obsecurity.dyndns.org (adsl-67-115-74-80.dsl.lsan03.pacbell.net [67.115.74.80]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6470143F3F for ; Sun, 2 Feb 2003 01:11:07 -0800 (PST) (envelope-from kris@obsecurity.org) Received: from rot13.obsecurity.org (rot13.obsecurity.org [10.0.0.5]) by obsecurity.dyndns.org (Postfix) with ESMTP id BCFF567C6F; Sun, 2 Feb 2003 01:11:06 -0800 (PST) Received: by rot13.obsecurity.org (Postfix, from userid 1000) id 9A909908; Sun, 2 Feb 2003 01:11:06 -0800 (PST) Date: Sun, 2 Feb 2003 01:11:06 -0800 From: Kris Kennaway To: "Andrey A. Chernov" Cc: Kris Kennaway , current@FreeBSD.org Subject: Re: rand() is broken Message-ID: <20030202091106.GA72723@rot13.obsecurity.org> References: <20030202070644.GA9987@rot13.obsecurity.org> <20030202090422.GA59750@nagual.pp.ru> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="6c2NcOVqGQ03X4Wi" Content-Disposition: inline In-Reply-To: <20030202090422.GA59750@nagual.pp.ru> User-Agent: Mutt/1.4i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --6c2NcOVqGQ03X4Wi Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Feb 02, 2003 at 12:04:22PM +0300, Andrey A. Chernov wrote: > Yes, first value correlation is there, but old formulae have even worse > effect "The random sequences do not vary much with the seed", as source > file comments and whole discussion about old RNG bad effects shown. I.e. = =20 > for different time+PID sequence, especially increased monotonically, like > in common practice, you'l got the same random sequence with old formulae > (which can't be called "works fine" because this fine work was the main > reason for change). So, returning to old formulae is not an option. >=20 > The real problem is not in formulae, but in srand() funclion. This simple > patch can fix first value correlation, and I plan to commit it, if we all > agree. I not find better value for NSHUFF right now, but think > that something like 10 will be enough to fight corellation completely. > Some generating picture tests needed. Another problem (noticed by tjr) is that once the sequence hits '0' it jumps to INT_MAX and stays there forever. For example, seeding with srand(0) produces nothing but INT_MAX from rand(). It looks like a lot more validation of this PRNG is needed. Kris --6c2NcOVqGQ03X4Wi Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+POCqWry0BWjoQKURApTTAKCGV+NLYk2nEYyF/dL9N6YkMlpuowCgh5/K 5mHYw132I5P1PA6SVtlx6MY= =XdrF -----END PGP SIGNATURE----- --6c2NcOVqGQ03X4Wi-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message