Re: using /dev/random
- From: RW <fbsd06@xxxxxxxxxxxxxxxxxxx>
- Date: Tue, 23 Sep 2008 13:39:35 +0100
On Tue, 23 Sep 2008 00:51:02 -0700
"Ted Mittelstaedt" <tedm@xxxxxxxxxxxxxxxx> wrote:
> The canonical way is to use the functions random(), or srandom()
> or srandomdev() or arc4random() depending on what
> you need the random data for. /dev/random is really only
> useful for seeding these functions (some of them pull data
> from /dev/random internally)
It depends what you are trying to achieve; random and srandom aren't
considered to be cryptographically secure. The userland version of
arc4random() (which is RC4) is probably OK, but it's known to be
distinguishable from random, which is technically a break. The kernel
version is much less secure, because it's not guaranteed to be seeded
properly.
For non-trivial Monte-Carlo work you're better off with something
intended for the purpose, such as the Mersenne Twister.
> The device has thus been optimized
> for seed generation to feed these other functions.
It wasn't; it was designed to be a fast and secure all-round random
number generator.
> If you really want to roll-your-own and not use these functions
> then you could read blocks from /dev/random and run
> a Chi-square and Monte Carlo test on each
> block and discard the ones that don't pass.
> I've done my experimenting with the ENT program:
> http://www.fourmilab.ch/random/
I'm sceptical about this; if Rijndael in counter-mode produced output
that's distinguishable from random numbers over a few thousand bytes it
would surely never have made it into the AES competition, let alone win
it.
_______________________________________________
freebsd-questions@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@xxxxxxxxxxx"