Hosting Provided By

/dev/random and /dev/urandom

From: Robin Carey <robin(at)wizardsworks.org>
Date: Sat May 10 2003 - 17:32:17 EDT

I really don't know why I'm bothering to send this email, since what usually happens after sending an email to bugs@ is I get a lot of rude and unpleasant replies.

However.....

I've been looking at the FreeBSD and OpenBSD source code for these pseudo-devices; they both use MD5.

But as I'm sure we all know, the security of MD5 is in doubt, and that's according to the FreeBSD manual pages (I haven't checked OpenBSD). According to the SSH Communications Security Website, MD5 should not be used in "new" programs.

So the point I am making is that a better cryptographic checksum like SHA1 should be used instead.

cheers,
robin Received on Sat May 10 17:40:20 2003

This message: [ Message body ]
Next message: Theo de Raadt: "Re: /dev/random and /dev/urandom"
Previous message: Henric Jungheim: "Re: Kernel panic on Sparc64 with wi"
Next in thread: Theo de Raadt: "Re: /dev/random and /dev/urandom"
Reply: Theo de Raadt: "Re: /dev/random and /dev/urandom"
Reply: Stephen Samuel: "Re: /dev/random and /dev/urandom"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 13:29:57 EDT