Date: Thu, 08 Jun 2000 19:24:10 +0200 From: Mark Murray <mark@grondar.za> To: Kris Kennaway <kris@FreeBSD.ORG> Cc: Mark Murray <mark@grondar.za>, current@FreeBSD.ORG Subject: Re: mktemp() patch Message-ID: <200006081724.TAA00705@grimreaper.grondar.za> In-Reply-To: <Pine.BSF.4.21.0006072338550.73192-100000@freefall.freebsd.org> ; from Kris Kennaway <kris@FreeBSD.ORG> "Wed, 07 Jun 2000 23:44:02 MST." References: <Pine.BSF.4.21.0006072338550.73192-100000@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> > What is the purpose of this? It looks hugely wasteful to me. If you > > really need a single random bit, it is not good to waste a block of > > hard-gained gryptographic randomness; can you not use a pseudo-random > > bit-generator? > > arc4random() does not consume entropy except the first time it is called > and when explicitly reseeded through arc4random_stir(). Apart from that > it's a deterministic function (the arc4 stream cipher), but it's still a > reasonably good cryptographic PRNG because arc4 is a cryptographically > strong algorithm. But I repeat myself; are you still intending to use cryptographic security for one bit? What does that buy you? An attacker will laugh at the waste of resources that went into a coin-flip :-). Much better is to use something cheaper like time-of-day XOR 1 << whatever. M -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200006081724.TAA00705>