Bugtraq mailing list archives
Re: preventing sequence number guessing
From: proff () suburbia apana org au (Julian Assange)
Date: Sun, 29 Jan 1995 22:49:09 +1100 (EST)
~/scratch/md5 $ time ./md5drivr -t MD5 time trial. Digesting 1000000 8-byte blocks ... done Digest = 2278bf63bfa354c582138cde1233fd15 Time = 7 seconds Speed = 1142857 bytes/second 6.776s real 6.680s user 0.090s system 99% ./md5drivr -tSo it takes about 7 u-seconds to MD5 hash a small block on a fairly wimpy Sun. [It's faster on faster boxes, of course.]Perhaps not. MD5 has relatively high overhead; that is, in the time = overhead + (perbyte * bytes)
Don't forget alsothe that above example also most likely ran entirely within the cache on an unloaded machine. In a real-life circimstance it would be inter spliced with both much other kernel level networking code and the user-level processes that are the initial/final senders/recpients of the TCP packets. The reality is that cryptographically secure sequence numbers are not needed. There are ample other sources for truely random variables of small enough granularity within most kernel data spaces. Proff
Current thread:
- Re: preventing sequence number guessing der Mouse (Jan 28)
- Re: preventing sequence number guessing Julian Assange (Jan 29)
- Re: preventing sequence number guessing Paul Robinson (Jan 29)
- <Possible follow-ups>
- Re: preventing sequence number guessing Paul Robinson (Jan 29)
- Re: preventing sequence number guessing der Mouse (Jan 30)