On Wed, Jul 30, 2014 at 5:54 PM, dave paxton <dpax...@me.com> wrote: > ... > They were thinking that the problem from the recent random number issue > is a real problem in older 32 bit systems. ... One suggestion is they > used a get milli command to fill the 64 bits. I thought that was > silly. So I thought I would ask. That's clever idea was broken in 1996. They should add the PID so its as least as bad as Netscape's implementation. See http://www.cs.berkeley.edu/~daw/papers/ddj-netscape.html.
The source code for OpenSSL's default random number generator - md_rand - is located in <openssl src dir>/crypto/rand/md_rand.c. Its not hard to trace once you know where to look. Also see http://wiki.openssl.org/index.php/Random_Numbers. Jeff ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
