On Wed, May 29, 2002 at 04:58:57PM +0900, itojun@iijlab.net wrote:
> >2) If the reseeding from /dev/random can't be turned off, the code's not
> >   useful as random().  You yourself even suggested earlier that it would
> >   be desirable to use the code as random().
> 
> 	let me back up.  we cannot replace random() by arc4random() or other
> 	strong crypto logic.  there can be code that depends on its
> 	predictability (and i learned that there are).  so let me drop
> 	suggestions like "make random() to be a stronger random number" or
> 	"make random() an alias to arc4random()".

When you say "there can be code that depends on its predictability" do
you mean that you've found some code that depends on random() being a
linear congruential generator?  Ouch!

As Perry pointed out, when some of us suggested that arc4random() could
not replace random() because the output was not predictable, we were
actually being stupid; if you know the key, the output is, of course,
predictable.  So if that's the problem, it can be overcome by not
rekeying the cipher as the current code does (but this should probably
only be done in a debug mode).

-- 
 Thor Lancelot Simon	                                      tls@rek.tjls.com
   But as he knew no bad language, he had called him all the names of common
 objects that he could think of, and had screamed: "You lamp!  You towel!  You
 plate!" and so on.              --Sigmund Freud