[EMAIL PROTECTED] writes: > In message <[EMAIL PROTECTED]>, Mark Murray > wr > ites: > > >We have most of this, and RC4 can deliver. RC4's "licence" is > >fine. Call it "ArCFour" and there is no problem. The code is > >small, fast and repeatable, and meets conditions 1-4 above. > > There are some concerns about RC4's strength and predictability.
Not here. We are talking statistical randomness, not cryptographic. RC4 is juuuust fine. > In cases were we just want trivial "randomness", this doesn't matter, > but when we start to seed it with /dev/random to get good randomness > we to be more careful. Sure. srandomdev() needs to "burn" some output. > Maybe we should spend an AES on it, just in case ? Hold that thought. The "moral equivalent" of 'dd if=random() of=/dev/null bs=1 count=4096' is enough for now. Any problems, and I'll be right with you! M -- Mark Murray iumop ap!sdn w,I idlaH To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
