Date: Sun, 2 Feb 2003 01:11:06 -0800 From: Kris Kennaway <kris@obsecurity.org> To: "Andrey A. Chernov" <ache@nagual.pp.ru> Cc: Kris Kennaway <kris@obsecurity.org>, current@FreeBSD.org Subject: Re: rand() is broken Message-ID: <20030202091106.GA72723@rot13.obsecurity.org> In-Reply-To: <20030202090422.GA59750@nagual.pp.ru> References: <20030202070644.GA9987@rot13.obsecurity.org> <20030202090422.GA59750@nagual.pp.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
--6c2NcOVqGQ03X4Wi Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Feb 02, 2003 at 12:04:22PM +0300, Andrey A. Chernov wrote: > Yes, first value correlation is there, but old formulae have even worse > effect "The random sequences do not vary much with the seed", as source > file comments and whole discussion about old RNG bad effects shown. I.e. = =20 > for different time+PID sequence, especially increased monotonically, like > in common practice, you'l got the same random sequence with old formulae > (which can't be called "works fine" because this fine work was the main > reason for change). So, returning to old formulae is not an option. >=20 > The real problem is not in formulae, but in srand() funclion. This simple > patch can fix first value correlation, and I plan to commit it, if we all > agree. I not find better value for NSHUFF right now, but think > that something like 10 will be enough to fight corellation completely. > Some generating picture tests needed. Another problem (noticed by tjr) is that once the sequence hits '0' it jumps to INT_MAX and stays there forever. For example, seeding with srand(0) produces nothing but INT_MAX from rand(). It looks like a lot more validation of this PRNG is needed. Kris --6c2NcOVqGQ03X4Wi Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+POCqWry0BWjoQKURApTTAKCGV+NLYk2nEYyF/dL9N6YkMlpuowCgh5/K 5mHYw132I5P1PA6SVtlx6MY= =XdrF -----END PGP SIGNATURE----- --6c2NcOVqGQ03X4Wi-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030202091106.GA72723>