Subject: Re: replace kernel random number function
To: None <tech-security@netbsd.org>
From: Hubert Feyrer <hubert.feyrer@informatik.fh-regensburg.de>
List: tech-security
Date: 10/22/2000 17:13:03
by mail.netbsd.org with SMTP; 22 Oct 2000 15:10:22 -0000
by rfhs8012.fh-regensburg.de (8.10.1/8.10.1) with ESMTP id e9MF9TG29991;
Sun, 22 Oct 2000 17:09:30 +0200 (MET DST)
Date: Sun, 22 Oct 2000 17:13:03 +0200 (MET DST)
From: Hubert Feyrer <hubert.feyrer@informatik.fh-regensburg.de>
To: tech-security@netbsd.org
cc: tech-kern@netbsd.org
Subject: Re: replace kernel random number function
In-Reply-To: <20001020230203.097CB7E46@starfruit.itojun.org>
Message-ID: <Pine.GSO.4.21.0010221712390.26027-100000@rfhpc8320.fh-regensburg.de>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
On Sat, 21 Oct 2000, Jun-ichiro itojun Hagino wrote:
> i plan to replace kernel random(9) with libc random(3) code,
> or arc4random. any comments?
>
> current random(9) is too weak, and allows security threat like we saw
> with TCP ISS guessing. libc random(3) code looks enough strong for
> polinomial random number generator.
Will that give us random(3) -> random(2)?
- Hubert
--
Hubert Feyrer <hubert.feyrer@informatik.fh-regensburg.de>