[Bug 236010] rand(3) values strongly correlate with time while this doesn't have to be the case
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Mon Feb 25 03:43:53 UTC 2019
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=236010
Kubilay Kocak <koobs at FreeBSD.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Flags| |maintainer-feedback?(sectea
| |m at FreeBSD.org)
Assignee|bugs at FreeBSD.org |secteam at FreeBSD.org
CC| |secteam at FreeBSD.org,
| |security at FreeBSD.org
Status|New |Open
Keywords| |needs-qa
Severity|Affects Only Me |Affects Some People
--- Comment #1 from Kubilay Kocak <koobs at FreeBSD.org> ---
This sounds like a request to improve the algorithm, not necessarily achieving
'cryptographically secure', given these details from man rand(3):
rand, srand, sranddev, rand_r – bad random number generator
<snip>
The functions described in this manual page are not cryptographically
secure. Cryptographic applications should use arc4random(3) instead.
These interfaces are obsoleted by random(3).
<snip>
For better generator quality, use random(3) or lrand48(3).
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list