Date:      Sun, 2 Feb 2003 19:35:10 +0000
From:      David Malone <dwmalone@maths.tcd.ie>
To:        Mark Murray <mark@grondar.org>
Cc:        Bakul Shah <bakul@bitblocks.com>, "Jeroen C. van Gelderen" <jeroen@vangelderen.org>, phk@FreeBSD.ORG, current@FreeBSD.ORG
Subject:   Re: rand() is broken
Message-ID:  <20030202193510.A6945@graves.maths.tcd.ie>
In-Reply-To: <200302021908.h12J8laX050048@grimreaper.grondar.org>; from mark@grondar.org on Sun, Feb 02, 2003 at 07:08:47PM +0000
References:  <200302021848.NAA19508@agamemnon.cnchost.com> <200302021908.h12J8laX050048@grimreaper.grondar.org>

On Sun, Feb 02, 2003 at 07:08:47PM +0000, Mark Murray wrote:
> RC4 is _utterly_ repeatable, given a particular seed/key.

I presume it also produces reasonably uniform output for most
seeds too.

> > The old 16 bit rand() was broken enough that it didn't matter
> > much (read: _I_ don't care) if its behavior got changed but
> > random() has a pretty long cycle and enough "randomness" to
> > be very useful and it *is* used.
> 
> Yes. And it breaks, and we have a complainant.

I thought the complaint was about rand, not random?

> > If you think random() is not random enough for your purposes,
> > go create a new function with a *new* name.
> 
> Any supporters of this request?

I'd support that. People who are using rand and random for crypto type
randomness are deceiving themselves, as neither are portably suitable
for that use. Lots of people are using rand, random and the rand48
suite for simulation or games, and this type of randomness has different
requirements (as Bakul points out - repeatability being a useful one).

I'd suggest we amend the rand and random man pages saying that sequences
produced from either cannot be expected to be suitable for cryptographic
purposes, but should be OK for simulation and games. (I guess a
couple of numbers produced after calling srandomdev might be safe,
but I wouldn't like to bet on them being that safe...)

The man page can refer people on to arc4random, the appropriate OpenSSL
pages, uuidgen and so on. As different consumers have different, sometimes
contradictory, requirements for "randomness" it seems foolish to try to
lump them all into one group of functions.

	David.
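The two properties David contrasts above, repeatability from a seed (what a simulation or game wants from random()) and rough uniformity of the output, as an added C example that is not part of the thread or of any FreeBSD code. The seed value, the 16-bucket histogram and the chi-square check are constructed for illustration.

```c
#define _DEFAULT_SOURCE   /* glibc: expose random()/srandom() under -std=c99 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define BUCKETS 16
#define MAX_DRAWS 256

/* Seed with srandom(seed) and store n draws of random() in out[]. */
static void draw_sequence(unsigned seed, long *out, size_t n) {
    srandom(seed);
    for (size_t i = 0; i < n; i++)
        out[i] = random();
}

/* Returns 1 if two runs seeded identically yield the same sequence.
   This is the repeatability a simulation relies on to replay a run
   from a logged seed; it is also exactly why the output is not secret. */
int same_seed_repeats(unsigned seed, size_t n) {
    long a[MAX_DRAWS], b[MAX_DRAWS];
    if (n > MAX_DRAWS) n = MAX_DRAWS;
    draw_sequence(seed, a, n);
    draw_sequence(seed, b, n);
    return memcmp(a, b, n * sizeof a[0]) == 0;
}

/* Chi-square statistic of n draws of random() against a uniform
   distribution over BUCKETS bins, using the top 4 bits of the 31-bit
   value (unbiased, and avoids any weakness in the low bits). A uniform
   source gives a value near BUCKETS-1; a gross skew gives a large one. */
double chi_square_uniform(unsigned seed, size_t n) {
    long counts[BUCKETS] = {0};
    srandom(seed);
    for (size_t i = 0; i < n; i++)
        counts[random() >> 27]++;       /* (2^31-1) >> 27 == 15 */
    double expected = (double)n / BUCKETS, chi = 0.0;
    for (int b = 0; b < BUCKETS; b++) {
        double d = (double)counts[b] - expected;
        chi += d * d / expected;
    }
    return chi;
}

int main(void) {
    printf("seed 12345 repeats: %d\n", same_seed_repeats(12345u, 64));
    printf("chi-square (df=15): %.2f\n", chi_square_uniform(12345u, 100000));
    return 0;
}
```

A chi-square far above the degrees of freedom flags a skewed generator; a value near 15 says nothing about predictability, which is the property the crypto use case needs and which a seeded random() cannot offer.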
