Date: Wed, 11 Jul 2001 01:35:43 +0900 (JST) From: HIRATA Yasuyuki <yasu@asuka.net> To: jandrese@mitre.org Cc: mike@sentex.net, stable@freebsd.org Subject: Re: Generating encrypted passwords Message-ID: <20010711013543O.yasu@asuka.net> In-Reply-To: <3B4B25A9.74D97085@mitre.org> References: <4.2.2.20010710081901.05a68008@192.168.0.12> <5.1.0.14.0.20010710102259.04255440@marble.sentex.ca> <3B4B25A9.74D97085@mitre.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, From: Jason Andresen <jandrese@mitre.org> To: Mike Tancsa <mike@sentex.net> Subject: Re: Generating encrypted passwords Date: Tue, 10 Jul 2001 11:56:26 -0400 Message-ID: <3B4B25A9.74D97085@mitre.org> > Doesn't the default seed just use /dev/urandom? I thought /dev/urandom > was good enough for seeding consumer type crypto stuff. Of course > if you don't have /dev/urandom is just uses it's process ID and the > system time, which is certainly not good enough for any kind of > crypto. random(4) manpage says: | As more and more random bytes are requested without giving time for | the entropy pool to recharge, this will result in lower quality | random numbers. I do not know weather it's enough or not. Do you think it is suitable for cryptographic purposes? > > srand (time ^ $$ ^ unpack "%L*", `ps axww | gzip`); > > At least the manpage isn't telling you to grab the first two bytes > off of a gzip output of ps axww, since that always returned the magic > number for gzip. npack "%L*" returns 32-bit checksum of the string, so you do not need to grab the first two. ---- HIRATA Yasuyuki http://yasu.asuka.net/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010711013543O.yasu>