Mike Silbersack wrote:
>
> On Fri, 8 Jun 2001, Don Lewis wrote:
>
> > Why not combine the two schemes and feed the random
> > per-host data from the cloned route entry into the
> > RFC1948 algorithm? This doesn't solve Terry's objection,
> > though.
>
> That thought had occured to me, but I'm not sure it would
> actually add any security.
It would not. Big Number Theory(tm) tells us that
multiplying or adding one random number to another
actually ends up with the result being _less random_.
> Terry needs to clarify his objections. #3 is the only one
> which is definitely valid.
I disagree (of course), but will clarify later in response
to your response; I really don't have time for the hour or
so of deep thinking necessary to refute your objections
(feel flattered, if you like, for "stumping" me... not
really that hard, since you seem to be on the ball 8-)),
since the points you raise involve some significant
subtleties that are not really obvious without a lot of
careful thought. I can't really do justice to the concepts
necessary to express the fundamental objections right now,
as I have other demands on my time which take precedence
right now (I'm just going through my email very quickly).
-- Terry
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
