/dev/random and /dev/urandom

Stephen Samuel samuel at bcgreen.com
Sun May 11 16:05:43 PDT 2003


Robin Carey wrote:

> I've been looking at the FreeBSD and OpenBSD source code for these
> pseudo-devices; they both use MD5.
>
> But as I'm sure we all know, the security of MD5 is in doubt, and that's
> according to the FreeBSD manual pages (I haven't checked OpenBSD).
> According to the SSH Communications Security Website, MD5 should not be
> used in "new" programs.
>
> So the point I am making is that a better cryptographic checksum like SHA1
> should be used instead.

I'm going to answer this without looking at the code, and making
some presumptions... My guess is that the code uses MD5 to generate
a 'randomized' value using bits from the internal entropy pool.
If that's what it's doing, then the 'insecurity' of MD5 isn't an
issue, because there's almost no (or almost no) value for an attacker
to attempt to generate collisions.  Fact of the matter is that they
probably don't have enough info to do something like that if they
wanted to.

To put it another way: Addition may be cryptographically insecure, but
that doesn't mean that you can't use it to calculate a hash.

-- 
Stephen Samuel +1(604)876-0426                samuel at bcgreen.com
		   http://www.bcgreen.com/~samuel/
Powerful committed communication, reaching through fear, uncertainty and
doubt to touch the jewel within each person and bring it to life.
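The pool design the reply presumes, as an added example (not code from the post or from the FreeBSD/OpenBSD kernels): a toy pool that mixes entropy samples in by hashing and extracts output by hashing the pool state, with the digest selectable between MD5 and SHA-1. The class name, the feedback step and the sample "entropy" bytes are constructed assumptions.

```python
import hashlib


class ToyEntropyPool:
    """Toy model of the hash-based pool the reply presumes (an assumption, not
    the BSD kernel code): samples are mixed into the state by hashing, and
    output blocks are hashed out of the state, then folded back into it."""

    def __init__(self, digest="md5"):
        self.digest = digest                      # "md5" or "sha1"
        self.size = hashlib.new(digest).digest_size
        self.pool = bytes(self.size)              # all-zero state: no entropy yet
        self.counter = 0

    def _hash(self, *parts):
        h = hashlib.new(self.digest)
        for p in parts:
            h.update(p)
        return h.digest()

    def add_entropy(self, sample):
        # Mixing step: the new state depends on the old state and the sample.
        self.pool = self._hash(self.pool, sample)

    def read(self, n):
        out = b""
        while len(out) < n:
            self.counter += 1
            block = self._hash(self.pool, self.counter.to_bytes(8, "big"))
            # Feedback: the emitted block is never the state the next block is
            # derived from; recovering the state from output means inverting
            # the hash (a preimage), not finding a collision.
            self.pool = self._hash(self.pool, block)
            out += block
        return out[:n]


# Constructed stand-ins for entropy samples (interrupt timings, keystrokes...).
SAMPLES = [b"\x00\x13\x37", b"\x42\x00", b"key@t=1234"]


def fill_and_read(digest, samples=SAMPLES, n=32):
    """Mix the samples into a fresh pool and read n bytes from it."""
    pool = ToyEntropyPool(digest)
    for s in samples:
        pool.add_entropy(s)
    return pool.read(n)


if __name__ == "__main__":
    for d in ("md5", "sha1"):
        print(d, fill_and_read(d).hex())
    # With no entropy mixed in the output is identical on every run: the
    # digest choice adds nothing, the security lives in the pool's entropy.
    print("empty pool", fill_and_read("sha1", samples=[]).hex())
```

Swapping MD5 for SHA-1 changes the output bytes and block size but nothing about the structure; an attacker who cannot feed chosen samples into the pool has no inputs on which to stage a collision, which is the reply's point.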




More information about the freebsd-bugs mailing list