From owner-freebsd-current Sun Jun 11 01:25:04 2000
Delivered-To: freebsd-current@freebsd.org
Received: from grimreaper.grondar.za (grimreaper.grondar.za [196.7.18.138]) by hub.freebsd.org (Postfix) with ESMTP id BF8A637B759; Sun, 11 Jun 2000 01:24:45 -0700 (PDT) (envelope-from mark@grondar.za)
Received: from grimreaper.grondar.za (localhost [127.0.0.1]) by grimreaper.grondar.za (8.9.3/8.9.3) with ESMTP id KAA71268; Sun, 11 Jun 2000 10:23:47 +0200 (SAST) (envelope-from mark@grimreaper.grondar.za)
Message-Id: <200006110823.KAA71268@grimreaper.grondar.za>
To: "Andrey A. Chernov"
Cc: current@FreeBSD.ORG
Subject: Re: mktemp() patch
References: <20000611005642.A53004@freebsd.org>
In-Reply-To: <20000611005642.A53004@freebsd.org>; from "Andrey A. Chernov" "Sun, 11 Jun 2000 00:56:42 MST."
Date: Sun, 11 Jun 2000 10:23:47 +0200
From: Mark Murray
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> > Huh? -1 is a constant, not random. Pass your data through _random_ bits,
> > XORing it with them, and you have unbreakable crypto (one-time-pad) if you
> > make a record of the random bits (the key).
>
> Yes, if passing _random_ through -1 _data_ does not strengthen it,
> passing it through 1,2,3,4... _data_ will not strengthen it either.

Right, but the attacker doesn't always have access to the pid, so while it
is _not_very_ random, under some circumstances it has _some_ useful
randomness.

> If the attacker tries to predict the random number generator itself and
> knows the pid and the mktemp() algorithm, adding getpid() bits he already
> knows will not stop him from this attack unless you plan to keep the
> mktemp() algorithm secret.

Correct. However if you are collecting bits of randomness (or suspected
randomness) from various sources, XORing them together is a cheap way of
combining them and obfuscating them, without making the total randomness
any worse than the best of them. There are ways (e.g. hash algorithms) of
adding the total randomness.
M
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
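The XOR-versus-hash point in Mark's reply, as an added example that is not part of the original mail or of FreeBSD's mktemp() code. It uses 8-bit and 4-bit values so the entire input space can be enumerated: XORing a uniformly random byte with any fixed value (a constant such as 0xFF, or a pid) is a bijection and so leaves the output exactly as unpredictable as the random input; an attacker who knows the fixed value strips it off with one XOR; and two independent 4-bit sources XORed together still give only 16 outcomes, whereas hashing their concatenation gives 256. The `mix8` function is a toy invertible mixer standing in for a real hash, and the pid value 0x42 is made up.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* XOR-combine two candidate entropy values (the cheap combiner from the mail). */
static uint8_t combine_xor(uint8_t a, uint8_t b)
{
    return a ^ b;
}

/* Distinct outputs of r ^ fixed as r ranges over every byte. A result of 256
 * means XORing with 'fixed' is a bijection on bytes: if r is uniformly
 * random, the output is too, whatever 'fixed' is (a constant like 0xFF,
 * or a pid the attacker may or may not know). */
int xor_distinct_count(uint8_t fixed)
{
    uint8_t seen[256];
    int n = 0;
    memset(seen, 0, sizeof seen);
    for (int r = 0; r < 256; r++) {
        uint8_t o = combine_xor((uint8_t)r, fixed);
        if (!seen[o]) {
            seen[o] = 1;
            n++;
        }
    }
    return n;
}

/* The flip side: an attacker who knows the non-random component strips it
 * off with one XOR, so a known pid adds nothing against that attacker. */
uint8_t xor_recover(uint8_t out, uint8_t known)
{
    return out ^ known;
}

/* Two independent 4-bit sources XORed together still yield a 4-bit value:
 * at most 16 distinct outcomes. XOR keeps the best source's randomness but
 * cannot accumulate both sources' randomness. */
int xor_nibbles_distinct(void)
{
    uint8_t seen[16];
    int n = 0;
    memset(seen, 0, sizeof seen);
    for (int a = 0; a < 16; a++)
        for (int b = 0; b < 16; b++) {
            uint8_t o = combine_xor((uint8_t)a, (uint8_t)b) & 0x0F;
            if (!seen[o]) { seen[o] = 1; n++; }
        }
    return n;
}

/* Toy 8-bit mixing function standing in for a real hash (assumption: not a
 * cryptographic hash, just an illustration). Each step (multiply by an odd
 * constant mod 256, xorshift) is invertible, so the whole is a bijection. */
static uint8_t mix8(uint8_t x)
{
    x = (uint8_t)(x * 0x9D);
    x ^= (uint8_t)(x >> 4);
    x = (uint8_t)(x * 0x3B);
    x ^= (uint8_t)(x >> 3);
    return x;
}

/* Hashing the concatenation of both 4-bit sources: all 256 (a,b) pairs map
 * to 256 distinct outputs, so the randomness of the two sources is added
 * rather than folded into one 4-bit value. */
int hash_nibbles_distinct(void)
{
    uint8_t seen[256];
    int n = 0;
    memset(seen, 0, sizeof seen);
    for (int a = 0; a < 16; a++)
        for (int b = 0; b < 16; b++) {
            uint8_t o = mix8((uint8_t)((a << 4) | b));
            if (!seen[o]) { seen[o] = 1; n++; }
        }
    return n;
}

int main(void)
{
    printf("r ^ 0xFF distinct outputs: %d\n", xor_distinct_count(0xFF));
    printf("r ^ pid(0x42) distinct outputs: %d\n", xor_distinct_count(0x42));
    printf("recovered r: 0x%02X\n", xor_recover(combine_xor(0x5A, 0x42), 0x42));
    printf("4-bit XOR distinct: %d, hashed concat distinct: %d\n",
           xor_nibbles_distinct(), hash_nibbles_distinct());
    return 0;
}
```

One caveat the mail does not spell out: the "no worse than the best source" property of XOR holds only when the sources are independent. If an attacker can influence one input as a function of the other (or two inputs are really the same value), XOR can cancel them out entirely, which is one reason real entropy pools feed sources through a hash rather than a bare XOR.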