On Sun, 18 Jun 2000, Warner Losh wrote:

> In message <[EMAIL PROTECTED]> "Jeroen C. van Gelderen" writes:
> : Pseudo random numbers are so cheap (or they should be) that you 
> : just don't want to try and 'optimize' here. It is much better to 
> : be conservative and use a good PRNG until it *proves* to be very
> : problematic.
> I disagree with this strongly.  PRNG have proven time and time again
> to weaken security due to their less than random nature.  It is my
> judgement that going down this path would be very bad, especially when 
> cryptographically strong random number generators exist and are part
> of the base FreeBSD system.  We should just use those...

Actually thats what Jeroen was referring to - use of arc4random(). It's
still a PRNG :-)


In God we Trust -- all others must submit an X.509 certificate.
    -- Charles Forsythe <[EMAIL PROTECTED]>

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Reply via email to