Random number generators

Steve Kargl sgk at troutmask.apl.washington.edu
Tue Mar 17 18:46:23 UTC 2015

On Tue, Mar 17, 2015 at 10:22:51AM -0700, Dennis E. Hamilton wrote:
> If you are serious about crypto grade randomness, libc is probably
> not the answer.  Generally, I don't think reliance on a single
> generator for general purpose use and for cryptographic quality
> is going to work well.  This is a very context-sensitive situation
> and addressing specific threat models against cryptographic PRGs
> is a very different matter from wanting unpredictable and good
> quality pseudo-randoms for simulations and other purposes.

I intrepeted Pedro's original email to mean something better
than rand(3) and random(3).  Neither is appropriate for crypto,
and I'm certainly not claiming KISS by GM is suitable for
crypto either.  In fact, others have shown KISS isn't a good
source for crypto (http://eprint.iacr.org/2011/007.pdf).
For crypto randomness, as Pedro stated, use arc4random(3).
kiss(), as I posted here, is good enough to deal cards and
to do monte carlo simulations in various fields of physics.


More information about the freebsd-numerics mailing list