Date: Fri, 09 Jun 2000 22:02:44 +0200 From: Mark Murray <mark@grondar.za> To: "Jeroen C. van Gelderen" <jeroen@vangelderen.org> Cc: Kris Kennaway <kris@FreeBSD.ORG>, current@FreeBSD.ORG Subject: Re: mktemp() patch Message-ID: <200006092002.WAA00773@grimreaper.grondar.za> In-Reply-To: <394124C3.221E61BC@vangelderen.org> ; from "Jeroen C. van Gelderen" <jeroen@vangelderen.org> "Fri, 09 Jun 2000 13:09:23 -0400." References: <394124C3.221E61BC@vangelderen.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> > But I repeat myself; are you still intending to use cryptographic security
> > for one bit? What does that buy you? An attacker will laugh at the waste
> > of resources that went into a coin-flip :-). Much better is to use something
> > cheaper like time-of-day XOR 1 << whatever.
>
> Pseudo random numbers are so cheap (or they should be) that you
> just don't want to try and 'optimize' here. It is much better to
> be conservative and use a good PRNG until it *proves* to be very
> problematic.
Why not just XOR the whole lot into the current ${randomnumber}?
That way, at least the effort of the whole calculation is not wasted
as much.
M
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200006092002.WAA00773>