Subject: Re: random()
To: Steven M. Bellovin <>
From: Daniel Carosone <>
List: tech-security
Date: 09/06/2003 11:49:03
On Fri, Sep 05, 2003 at 08:56:44PM -0400, Steven M. Bellovin wrote:
> It's pretty good but not perfect.  I suspect that it's good enough for 
> profiling.  It would help to discard the first bytes generated by each 
> new key -- at least 16 bytes, probably 256 or even 512.

libkern's arc4random() does this automatically whenever it rekeys; we
throw away the first 256 32-bit words.