Re: [ANNOUNCE] glibc heap protection patch

[Jim Knoble <jmknoble () pobox com>]

Circa 2003-12-04 12:42:26 -0500 dixit Adam Shostack:

: On Wed, Dec 03, 2003 at 08:54:11AM +0100, Han Boetes wrote:
: | I ported arc4random from OpenBSD to linux some time ago. All I had to
: | do was to change the sysctl:
: | 
: |   http://www.xs4all.nl/~hanb/software/arc4random.tar.bz2
: 
: Can you explain why it's better than the kernel's randomness pool?

The arc4random() function does not deplete the Linux kernel's entropy
pool, as reading from /dev/random does.  As long as arc4random() is
properly seeded from /dev/random to begin with (and periodically stirred
with more entropy from /dev/random), it's perfectly good unpredictable
pseudorandom data, suitable for most anything except actually generating
cryptographic keys.

OpenBSD uses arc4random() as the basis for the mkstemp() function to
generate unpredictable temporary filenames, for example.

In sum, using a properly seeded arc4random() under Linux is similar to
reading from /dev/urandom, but it uses the ARC4 algorithm to generate
the pseudorandom data rather than the undocumented algorithm used by
Linux's /dev/urandom.

-- 
jim knoble  |  jmknoble () pobox com  |  http://www.pobox.com/~jmknoble/
(GnuPG fingerprint: 31C4:8AAC:F24E:A70C:4000::BBF4:289F:EAA8:1381:1491)
 .....................................................................
 :"The methods now being used to merchandise the political candidate :
 : as though he were a deodorant positively guarantee the electorate :
 : against ever hearing the truth about anything."   --Aldous Huxley :
 :...................................................................:

Attachment: _bin
Description: