Thor Lancelot Simon <tls@rek.tjls.com> writes:
> On Tue, May 28, 2002 at 08:23:31PM -0400, Perry E. Metzger wrote:
> > I agree modulo one thing: RC4 is actually more or less as fast as
> > random() once initialized, so there is no real point in using random()
> > -- an RC4 based generator would actually work better and produce much
> > nicer data for things like monte carlo generators.
> 
> Well, then, let's just call it "random()".

Yup -- modulo the fact that I think (I may be mistaken) that Posix may
specify the algorithm.

> We should still rip out the current /dev/urandom interface and replace
> it with one of the two generators specified by the relevant standards;
> even the standard's SHA1-based generator really is no _worse_, and the
> block-cipher generator is in many ways better.

Agreed. (Though I would prefer AES to 3DES by a lot.)

> Yarrow would be a nice idea, but unfortunately the standards in question
> are quite strict, many people building products with NetBSD are _forced_
> to strictly conform to them, and neither one permits Yarrow.  The X9.31
> generator, perhaps hooked to an API that lets you choose the block cipher
> used, is probably the best bet.


--
Perry E. Metzger		perry@wasabisystems.com
--
NetBSD: The right OS for your embedded design. http://www.wasabisystems.com/