Date: Thu, 2 Sep 1999 07:02:57 +0200 From: Geoff Rehmet <geoffr@is.co.za> To: "'Kris Kennaway'" <kris@hub.freebsd.org> Cc: hackers@freebsd.org, markm@iafrica.com, jlemon@freebsd.org Subject: RE: TCP sequence numbers Message-ID: <E3453EC6C52ED3118E7E0090275CD47CFFB0F3@isjhbex.is.co.za>
next in thread | raw e-mail | index | archive | help
> How do OpenBSD do it? They use arc4random(), to add a random increment. > Just curious whether you have a reference for doing this or > whether it was > an ad-hoc change. Playing with cryptographic algorithms isn't > usually a > good idea unless you're sure, as I'm sure you know. Yup - dead right. The requirements in this instance are however also slightly different to what you normally use a cryptographic hash for. I want to let the code be picked at a bit before it goes into the tree though. > > I'd expect Yarrow to be (perhaps quite a bit) slower than our existing > PRNG - it's a more conservative design and uses primitives > like SHA-1 (for > yarrow-160). I don't know how much of an impact this would be for > network performance. If it is only used to generate a secret every 5 minutes, that should not be a problem. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E3453EC6C52ED3118E7E0090275CD47CFFB0F3>