On Jul 25, 2008, at 5:47 AM, Matthias Drochner wrote:
> reed%reedmedia.net@localhost said:
> > I am testing it as a replacement for arc4random to compare CPU usage.
>
> I'm not a cryptography expert. Barely able to initiate a google search -- it yields that the M.T. is not considered suitable for cryptographic purposes. So if our version is modified, or there are other reasons which make it suitable as arc4random() replacement, it should be documented, to appease such concerns.

It's just as "suitable" as arc4random(). We don't actually have a cryptographically strong PRNG in the kernel. Both fail FIPS-140 just as badly.