tech-security: replace kernel random number function

Subject: replace kernel random number function
To: None <tech-kern@netbsd.org, tech-security@netbsd.org>
From: Jun-ichiro itojun Hagino <itojun@iijlab.net>
List: tech-security
Date: 10/21/2000 08:02:02

  by mail.netbsd.org with SMTP; 22 Oct 2000 07:14:58 -0000
	by starfruit.itojun.org (Postfix) with ESMTP
	id 097CB7E46; Sat, 21 Oct 2000 08:02:03 +0900 (JST)
To: tech-kern@netbsd.org, tech-security@netbsd.org
Subject: replace kernel random number function
Reply-To: tech-security@netbsd.org
From: Jun-ichiro itojun Hagino <itojun@iijlab.net>
Date: Sat, 21 Oct 2000 08:02:02 +0900
Message-Id: <20001020230203.097CB7E46@starfruit.itojun.org>

	i plan to replace kernel random(9) with libc random(3) code,
	or arc4random.  any comments?

	current random(9) is too weak, and allows security threat like we saw
	with TCP ISS guessing.   libc random(3) code looks enough strong for
	polinomial random number generator.

itojun