> > What is the purpose of this? It looks hugely wasteful to me. If you
> > really need a single random bit, it is not good to waste a block of
> > hard-gained gryptographic randomness; can you not use a pseudo-random
> > bit-generator?
> arc4random() does not consume entropy except the first time it is called
> and when explicitly reseeded through arc4random_stir(). Apart from that
> it's a deterministic function (the arc4 stream cipher), but it's still a
> reasonably good cryptographic PRNG because arc4 is a cryptographically
> strong algorithm.

But I repeat myself; are you still intending to use cryptographic security
for one bit? What does that buy you? An attacker will laugh at the waste
of resources that went into a coin-flip :-). Much better is to use something
cheaper like time-of-day XOR 1 << whatever.

Mark Murray
Join the anti-SPAM movement: http://www.cauce.org

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Reply via email to