From owner-freebsd-current Sun Feb 2 11:35:17 2003
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B5A2237B405; Sun, 2 Feb 2003 11:35:15 -0800 (PST)
Received: from salmon.maths.tcd.ie (salmon.maths.tcd.ie [134.226.81.11]) by mx1.FreeBSD.org (Postfix) with SMTP id A81C243F3F; Sun, 2 Feb 2003 11:35:13 -0800 (PST) (envelope-from dwmalone@maths.tcd.ie)
Received: from graves.maths.tcd.ie by salmon.maths.tcd.ie with SMTP id ; 2 Feb 2003 19:35:12 +0000 (GMT)
Date: Sun, 2 Feb 2003 19:35:10 +0000
From: David Malone
To: Mark Murray
Cc: Bakul Shah, "Jeroen C. van Gelderen", phk@FreeBSD.ORG, current@FreeBSD.ORG
Subject: Re: rand() is broken
Message-ID: <20030202193510.A6945@graves.maths.tcd.ie>
References: <200302021848.NAA19508@agamemnon.cnchost.com> <200302021908.h12J8laX050048@grimreaper.grondar.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.2i
In-Reply-To: <200302021908.h12J8laX050048@grimreaper.grondar.org>; from mark@grondar.org on Sun, Feb 02, 2003 at 07:08:47PM +0000
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Sun, Feb 02, 2003 at 07:08:47PM +0000, Mark Murray wrote:

> RC4 is _utterly_ repeatable, given a particular seed/key.

I presume it also produces reasonably uniform output for most seeds too.

> > The old 16 bit rand() was broken enough that it didn't matter
> > much (read: _I_ don't care) if its behavior got changed but
> > random() has a pretty long cycle and enough "randomness" to
> > be very useful and it *is* used.
>
> Yes. And it breaks, and we have a complainant.

I thought the complaint was about rand, not random?

> > If you think random() is not random enough for your purposes,
> > go create a new function with a *new* name.
> > Any supporters of this request?

I'd support that. People who are using rand and random for crypto-type
randomness are deceiving themselves, as neither is portably suitable
for that use. Lots of people are using rand, random and the rand48 suite
for simulation or games, and this type of randomness has different
requirements (as Bakul points out - repeatability being a useful one).

I'd suggest we amend the rand and random man pages saying that sequences
produced from either cannot be expected to be suitable for cryptographic
purposes, but should be OK for simulation and games. (I guess a couple
of numbers produced after calling srandomdev might be safe, but I
wouldn't like to bet on them being that safe...) The man page can refer
people on to arc4random, the appropriate OpenSSL pages, uuidgen and so on.

As different consumers have different, sometimes contradictory,
requirements for "randomness" it seems foolish to try to lump them all
into one group of functions.

	David.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
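An added illustration of the two points David makes above (the same seed giving the same sequence, which simulations want, versus output that anyone watching can predict, which crypto cannot tolerate). This is editor-supplied example code, not code from the thread or from FreeBSD's libc. It assumes that random(3) is the classic BSD additive feedback generator (new state word = word 3 back + word 31 back, output = word >> 1), which is what FreeBSD, glibc and musl ship; the function names predict_next, count_predicted, replay_matches and os_random_bytes are mine, and /dev/urandom stands in for the arc4random(3) interface named in the mail so the example builds on any Unix.

```c
#define _DEFAULT_SOURCE 1   /* glibc: declare random()/srandom() under strict -std= modes */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*
 * Assumption (see lead-in): random(3) is the BSD lagged-Fibonacci generator.
 * Each new 32-bit state word is the sum of the words 3 and 31 steps back, and
 * the value returned to the caller is that word shifted right by one bit.
 */
#define LAG_SHORT 3
#define LAG_LONG  31

/*
 * Given the last n outputs of random() (n >= LAG_LONG), compute the two
 * possible values of the next output: the sum of the two lagged outputs, or
 * that sum plus one (the carry out of the two low bits that >>1 discarded).
 * Returns 1 and fills cand[] on success, 0 if the history is too short.
 */
int predict_next(const uint32_t *hist, size_t n, uint32_t cand[2])
{
    if (n < LAG_LONG)
        return 0;
    uint32_t base = (hist[n - LAG_LONG] + hist[n - LAG_SHORT]) & 0x7fffffffu;
    cand[0] = base;
    cand[1] = (base + 1u) & 0x7fffffffu;
    return 1;
}

/*
 * Seed random(), record `observe` outputs as an observer's view, then count
 * how many of the following `guess` outputs are predicted from the history
 * alone, with no knowledge of the seed. Returns the number of hits.
 */
size_t count_predicted(unsigned seed, size_t observe, size_t guess)
{
    size_t total = observe + guess, hits = 0;
    uint32_t *hist = malloc(total * sizeof *hist);
    if (hist == NULL)
        return 0;

    srandom(seed);
    for (size_t i = 0; i < total; i++)
        hist[i] = (uint32_t)random();

    for (size_t i = observe; i < total; i++) {
        uint32_t cand[2];
        if (predict_next(hist, i, cand) &&
            (hist[i] == cand[0] || hist[i] == cand[1]))
            hits++;
    }
    free(hist);
    return hits;
}

/* The property simulations and games rely on: same seed, same sequence.
 * Returns 1 if two seeded runs of n outputs agree, 0 otherwise. */
int replay_matches(unsigned seed, size_t n)
{
    uint32_t *a = malloc(n * sizeof *a), *b = malloc(n * sizeof *b);
    if (a == NULL || b == NULL) { free(a); free(b); return 0; }

    srandom(seed);
    for (size_t i = 0; i < n; i++) a[i] = (uint32_t)random();
    srandom(seed);
    for (size_t i = 0; i < n; i++) b[i] = (uint32_t)random();
    int same = memcmp(a, b, n * sizeof *a) == 0;
    free(a); free(b);
    return same;
}

/*
 * What the man page should point people at for keys and tokens: the kernel's
 * entropy-backed source. arc4random(3) is the FreeBSD interface the mail
 * names; /dev/urandom is used here only for portability (assumption).
 * Returns 1 if n bytes were read, 0 otherwise.
 */
int os_random_bytes(unsigned char *buf, size_t n)
{
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL)
        return 0;
    size_t got = fread(buf, 1, n, f);
    fclose(f);
    return got == n;
}

int main(void)
{
    printf("random() outputs predicted from 31 observed: %zu of 500\n",
           count_predicted(12345u, LAG_LONG, 500));
    printf("seeded replay identical: %s\n",
           replay_matches(42u, 100) ? "yes" : "no");
    unsigned char key[16];
    if (os_random_bytes(key, sizeof key))
        printf("16 bytes read from /dev/urandom, first byte 0x%02x\n", key[0]);
    return 0;
}
```

Thirty-one consecutive outputs are enough to narrow every later output to two candidates, which is exactly the "not suitable for cryptographic purposes" caveat the proposed man page wording would carry; the same structure is what makes the replay check pass, which is why the two consumers want different functions rather than one.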