From owner-freebsd-current  Fri Jun  9 16:37:16 2000
Delivered-To: freebsd-current@freebsd.org
Received: from cypherpunks.ai (cypherpunks.ai [209.88.68.47])
	by hub.freebsd.org (Postfix) with ESMTP
	id E02D037C1F2; Fri,  9 Jun 2000 16:37:10 -0700 (PDT)
	(envelope-from jeroen@vangelderen.org)
Received: from vangelderen.org (grolsch.ai [209.88.68.214])
	by cypherpunks.ai (Postfix) with ESMTP
	id 693F94C; Fri,  9 Jun 2000 19:37:09 -0400 (AST)
Message-ID: <39417FA5.F260EAA8@vangelderen.org>
Date: Fri, 09 Jun 2000 19:37:09 -0400
From: "Jeroen C. van Gelderen" <jeroen@vangelderen.org>
X-Mailer: Mozilla 4.72 [en] (X11; I; Linux 2.2.12 i386)
X-Accept-Language: en
MIME-Version: 1.0
To: "Andrey A. Chernov" <ache@freebsd.org>
Cc: Mark Murray <mark@grondar.za>, Kris Kennaway <kris@FreeBSD.ORG>,
	current@FreeBSD.ORG
Subject: Re: mktemp() patch
References: <394124C3.221E61BC@vangelderen.org> <200006092002.WAA00773@grimreaper.grondar.za> <20000609155342.B33329@freebsd.org>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

"Andrey A. Chernov" wrote:
> 
> On Fri, Jun 09, 2000 at 10:02:44PM +0200, Mark Murray wrote:
> > > > But I repeat myself; are you still intending to use cryptographic security
> > > > for one bit? What does that buy you? An attacker will laugh at the waste
> > > > of resources that went into a coin-flip :-). Much better is to use something
> > > > cheaper like time-of-day XOR 1 << whatever.
> > >
> > > Pseudo random numbers are so cheap (or they should be) that you
> > > just don't want to try and 'optimize' here. It is much better to
> > > be conservative and use a good PRNG until it *proves* to be very
> > > problematic.
> >
> > Why not just XOR the whole lot into the current ${randomnumber}?
> > That way, at least the effort of the whole calculation is not wasted
> > as much.

Good point, there is no need to throw them away indeed.

> Why to XOR true random bits from arc4random() with non-random bits from
> getpid()? It only weakens. Better way is just remove any getpid() code and
> left arc4random() only.

Then you will get collisions which you will have to deal with. I am not
familiar with the code but if we can handle collisions nicely then that 
would be the way to go: 64^6 = 2^36 possibilities which is nice...

Cheers,
Jeroen
-- 
Jeroen C. van Gelderen          o      _     _         _
jeroen@vangelderen.org  _o     /\_   _ \\o  (_)\__/o  (_)
                      _< \_   _>(_) (_)/<_    \_| \   _|/' \/
                     (_)>(_) (_)        (_)   (_)    (_)'  _\o_


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message