Source-Changes archive
Re: CVS commit: src/sbin/newfs
David Laight <david%l8s.co.uk@localhost> writes:
> > > Maybe arc4random() could be used instead?
> >
> > I'm not a huge believer in arc4random(), but it would be a strict (and
> > indeed substantial) improvement over a linear congruential generator,
> > yes. I would suggest making the alteration, and in the longer run we
> > should discuss improved algorithms.
>
> Actually random() isn't a 'linear congruential generator', it is
> an 'additive generator'. But to quote Schneier:
> Additive generators (sometimes called lagged Fibonacci generators) are
> extremely efficient because they produce random words instead of random
> bits. They are not secure on their own, but can be used as building
> blocks for secure generators.
I don't think random() is in any case secure, or could be made secure
easily.
> The RC4 based random sequence generator is probably secure, given
> unknown key state. RC4 itself is trademarked, so an implementation
> has to call itself something else.
Ours calls itself "arc4", which is not a trademark.
--
Perry E. Metzger perry%piermont.com@localhost
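To make the "not secure on their own" point above concrete, here is an added example (not code from the thread or from NetBSD): a constructed textbook additive generator with lags 3 and 31, an assumed model rather than a copy of libc's random(). Because every output word is a state word, 31 consecutive outputs are the entire state, and the demonstration rebuilds the generator from them and checks that the rebuilt copy reproduces all later outputs, which is why such a generator is unsuitable wherever unpredictability matters.

```c
#include <stdint.h>
#include <stddef.h>

/* Constructed additive (lagged Fibonacci) generator, r[i] = r[i-3] + r[i-31]
 * mod 2^32, the textbook form Schneier describes. It is an assumed model for
 * the demonstration, not a copy of libc's random(). */
#define LAG_SHORT 3
#define LAG_LONG  31

struct addgen {
    uint32_t state[LAG_LONG];   /* ring buffer of the last 31 outputs */
    size_t   pos;               /* index of the oldest word, r[i-31] */
};

/* Assumed seeding: fill the ring from a tiny multiply-add scramble. */
static void addgen_seed(struct addgen *g, uint32_t seed) {
    for (size_t i = 0; i < LAG_LONG; i++) {
        seed = seed * 1103515245u + 12345u;
        g->state[i] = seed;
    }
    g->pos = 0;
}

/* Emit r[i] = r[i-3] + r[i-31]; the output word is the whole new state word. */
static uint32_t addgen_next(struct addgen *g) {
    size_t short_idx = (g->pos + LAG_LONG - LAG_SHORT) % LAG_LONG;
    uint32_t r = g->state[g->pos] + g->state[short_idx];
    g->state[g->pos] = r;              /* overwrite the oldest word */
    g->pos = (g->pos + 1) % LAG_LONG;  /* the next slot is now the oldest */
    return r;
}

/* Why "not secure on their own": 31 consecutive outputs are the full state,
 * so anyone who sees them can rebuild the generator and reproduce every
 * later output. Reads 31 outputs from `real`, then compares `n` further
 * outputs against the rebuilt copy; returns how many predictions matched. */
static size_t predicted_matches(struct addgen *real, size_t n) {
    struct addgen clone;
    for (size_t i = 0; i < LAG_LONG; i++)
        clone.state[i] = addgen_next(real);   /* observed words, oldest first */
    clone.pos = 0;
    size_t matched = 0;
    for (size_t i = 0; i < n; i++)
        if (addgen_next(&clone) == addgen_next(real))
            matched++;
    return matched;
}
```

The count returned equals n for any seed, because the weakness is structural: the state is the output, which is exactly what a keyed generator such as arc4random is designed to avoid.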