Re: /dev/random and /dev/psaux: too much entropy assumed?

David Whysong (dwhysong@physics.ucsb.edu)
Tue, 1 Jun 1999 13:26:09 -0700 (PDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Aaron Tiensivu: "[2.2.10-pre1] Boo boo in smbfs/inode.c"
Previous message: Aaron Tiensivu: "[2.2.10-pre1] Boo boo in arch/i386/lib/checksum.S"

On Tue, 1 Jun 1999, C. Scott Ananian wrote:
>On 1 Jun 1999, Florian Weimer wrote:
>
>> I would certainly like to end the thread after this, but I've got one
>> further question: The implementation of /dev/random assumes that the
>> output of the SHA-1 hash function is random for random (or almost random)
>> input. Neither the people on sci.crypt nor I know of any analysis
>> of SHA-1 in this direction (which doesn't prove anything of course).
>> Are there any particular reasons why SHA-1 was chosen to supersede MD5?
>> (It might indeed become practical to find collisions for MD5 soon,
>> but this doesn't mean that MD5 is not suitable for applications like
>> /dev/random.)
>
>Patent issues, I strongly suspect. And most of the applications for
>/dev/random don't actually require 'uniformly distributed' output (which
>is my guess as to what you mean by 'random'); rather they require
>'unguessable' output. SHA-1, being a strong one-way function, provides
>unguessable output.
> --s

What? /dev/random not uniform? You've got to be kidding!

I use /dev/random a great deal in setting up large n-body simulations,
which requires a very uniform distribution of numbers (huge monte-carlo
methods, srand() probably isn't good enough). If it doesn't have
'uniformly distributed' output, it really isn't random and I'd like to
know about that...

I did run some simple tests at one time and it looked uniform. But those
were pretty silly tests (i.e. make a million numbers in [0,1] and plot a
histogram).

Dave

David Whysong dwhysong@physics.ucsb.edu
Astrophysics graduate student University of California, Santa Barbara
My public PGP keys are on my web page - http://www.physics.ucsb.edu/~dwhysong
DSS PGP Key 0x903F5BD6 : FE78 91FE 4508 106F 7C88 1706 B792 6995 903F 5BD6
D-H PGP key 0x5DAB0F91 : BC33 0F36 FCCD E72C 441F 663A 72ED 7FB7 5DAB 0F91

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Aaron Tiensivu: "[2.2.10-pre1] Boo boo in smbfs/inode.c"
Previous message: Aaron Tiensivu: "[2.2.10-pre1] Boo boo in arch/i386/lib/checksum.S"