Subject: Re: replace kernel random number function
To: None <tech-security@netbsd.org>
From: Steven M. Bellovin <smb@research.att.com>
List: tech-security
Date: 10/22/2000 11:56:44
From: "Steven M. Bellovin" <smb@research.att.com>
To: tech-security@netbsd.org
Cc: tech-kern@netbsd.org
Subject: Re: replace kernel random number function 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Sun, 22 Oct 2000 11:56:44 -0400
Message-Id: <20001022155644.5A0A435DC3@smb.research.att.com>

In message <20001020230203.097CB7E46@starfruit.itojun.org>, Jun-ichiro itojun Hagino writes:
>	i plan to replace kernel random(9) with libc random(3) code,
>	or arc4random.  any comments?
>
>	current random(9) is too weak, and allows security threats like we saw
>	with TCP ISS guessing.   libc random(3) code looks strong enough for a
>	polynomial random number generator.
>
>itojun
>
Where will you get the seeds?  That's the really hard part.

arc4 (as a cipher) is not (quite) as random as one would like, in a 
cryptographic sense, though it's probably adequate for your purposes.

The right thing to do would be to port yarrow (see www.counterpane.com, 
though I don't have the link available just now and I'm offline when 
writing this).  Unfortunately, it's filled with lots of DLL-ish things.


		--Steve Bellovin
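As an added illustration of the remark above that arc4 is "not (quite) as random as one would like" (this is example code written for this archive page, not anything from the thread or from NetBSD), the C program below implements RC4 and measures its well-known second-byte bias: over many random keys, the second keystream byte is 0 roughly twice as often as the 1/256 a uniform stream would give, while a late byte (position 100 here) shows no such skew. Key material comes from a splitmix64 counter generator, a constructed, non-cryptographic source chosen only so the experiment is reproducible; all function names are my own.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* RC4 state: the 256-byte permutation plus the two PRGA indices. */
typedef struct {
    uint8_t S[256];
    uint8_t i, j;
} rc4_t;

/* Key-scheduling algorithm (KSA): permute S under the key. */
void rc4_init(rc4_t *st, const uint8_t *key, size_t klen) {
    for (int k = 0; k < 256; k++) st->S[k] = (uint8_t)k;
    uint8_t j = 0;
    for (int k = 0; k < 256; k++) {
        j = (uint8_t)(j + st->S[k] + key[k % klen]);
        uint8_t t = st->S[k]; st->S[k] = st->S[j]; st->S[j] = t;
    }
    st->i = st->j = 0;
}

/* Pseudo-random generation algorithm (PRGA): one keystream byte. */
uint8_t rc4_next(rc4_t *st) {
    st->i = (uint8_t)(st->i + 1);
    st->j = (uint8_t)(st->j + st->S[st->i]);
    uint8_t t = st->S[st->i]; st->S[st->i] = st->S[st->j]; st->S[st->j] = t;
    return st->S[(uint8_t)(st->S[st->i] + st->S[st->j])];
}

/* The n-th (1-based) keystream byte for an ASCII key; handy for checking
   against published RC4 test vectors such as key "Key" -> EB 9F 77 81 ... */
uint8_t rc4_keystream_byte(const char *key, unsigned n) {
    rc4_t st;
    rc4_init(&st, (const uint8_t *)key, strlen(key));
    uint8_t z = 0;
    for (unsigned p = 1; p <= n; p++) z = rc4_next(&st);
    return z;
}

/* splitmix64: constructed, deterministic key source for the experiment.
   It is NOT a cryptographic generator and is used only for reproducibility. */
static uint64_t splitmix64(uint64_t *x) {
    uint64_t z = (*x += 0x9E3779B97F4A7C15ULL);
    z = (z ^ (z >> 30)) * 0xBF58476D1CE4E5B9ULL;
    z = (z ^ (z >> 27)) * 0x94D049BB133111EBULL;
    return z ^ (z >> 31);
}

/* Count how often the keystream byte at 1-based position `pos` is zero over
   `trials` independent 16-byte keys drawn from splitmix64(seed). */
unsigned long rc4_count_zero_at(unsigned pos, unsigned long trials, uint64_t seed) {
    unsigned long zeros = 0;
    uint64_t s = seed;
    for (unsigned long t = 0; t < trials; t++) {
        uint8_t key[16];
        for (int k = 0; k < 16; k += 8) {
            uint64_t r = splitmix64(&s);
            memcpy(key + k, &r, 8);
        }
        rc4_t st;
        rc4_init(&st, key, sizeof key);
        uint8_t z = 0;
        for (unsigned p = 1; p <= pos; p++) z = rc4_next(&st);
        if (z == 0) zeros++;
    }
    return zeros;
}

/* 1 when byte 2 is zero far more often than 1/256 while byte 100 is not:
   the signature of RC4's second-byte bias (~2/256 for random keys). */
int rc4_second_byte_bias_detected(unsigned long trials) {
    unsigned long z2 = rc4_count_zero_at(2, trials, 0x1234);
    unsigned long z100 = rc4_count_zero_at(100, trials, 0x1234);
    double expect = trials / 256.0;          /* count a uniform stream would give */
    return z2 > 1.5 * expect && z100 < 1.5 * expect;
}

int main(void) {
    const unsigned long trials = 100000;
    printf("uniform expectation: %.0f zeros\n", trials / 256.0);
    printf("byte   2 == 0: %lu times\n", rc4_count_zero_at(2, trials, 0x1234));
    printf("byte 100 == 0: %lu times\n", rc4_count_zero_at(100, trials, 0x1234));
    printf("second-byte bias detected: %s\n",
           rc4_second_byte_bias_detected(trials) ? "yes" : "no");
    return 0;
}
```

The bias is small per byte, so it matters for a stream cipher protecting a fixed plaintext position rather than for the raw unpredictability a kernel caller needs; that is why the reply calls it "probably adequate for your purposes". The seeding question raised first in the reply is separate and untouched by this experiment: any generator, arc4 included, is only as unpredictable as the entropy it is keyed from.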