6 Sep 2003 20:09
Re: CVS commit: src/sys/netinet
Steven M. Bellovin <smb <at> research.att.com>
2003-09-06 18:09:54 GMT
In message <87ptid4wz6.fsf <at> snark.piermont.com>, "Perry E. Metzger" writes:
>
>David Laight <david <at> l8s.co.uk> writes:
>> I'm not sure that arc4random is appropriate for ip sequence numbers,
>> it doesn't have the correct properties. In particular the same output
>> value can be generated by adjacent calls to the function - which you
>> definitely don't want! This will be true for any generator with more
>> than 32 bits of state (or rather if the required value is smaller than
>> the state).
>
>Ideally, we want something that generates an unpredictable ergodic
>sequence of some sort -- that is to say, a sequence guaranteed to
>cycle through all possible values, but in an unpredictable order.
>
>I'm not entirely sure what the right way to do this is, though.
>

And does it in a way that avoids reuse -- even after rekeying -- too soon.

--Steve Bellovin, http://www.research.att.com/~smb
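Added illustration, not part of the original message or of the committed code: one way to get the "every value once per cycle, in a key-dependent order" property discussed above is to pass a counter through a small keyed permutation, shown here next to independent draws that repeat early. The 16-bit width, the Feistel construction, the mixing constants and all function names are assumptions made for this example; the round function is not a vetted PRF, and the sketch does not address reuse across rekeying.

```c
#include <stdint.h>
#include <stdio.h>

/* Keyed round function (constructed for this example, not a vetted PRF). */
static uint8_t round_fn(uint8_t half, uint32_t key, unsigned round)
{
    uint32_t x = (((uint32_t)round << 8) | half) ^ key;
    x *= 0x9E3779B1u; x ^= x >> 15; x *= 0x85EBCA6Bu; x ^= x >> 13;
    return (uint8_t)x;
}

/* Balanced Feistel network: a bijection on 16-bit values for any round_fn. */
uint16_t permute16(uint16_t counter, uint32_t key)
{
    uint8_t l = (uint8_t)(counter >> 8), r = (uint8_t)counter;
    for (unsigned i = 0; i < 4; i++) {
        uint8_t t = l ^ round_fn(r, key, i);
        l = r; r = t;
    }
    return (uint16_t)((l << 8) | r);
}

/* Distinct IDs produced by feeding one full counter cycle through permute16. */
long distinct_over_cycle(uint32_t key)
{
    uint8_t seen[65536] = {0};
    long n = 0;
    for (uint32_t c = 0; c < 65536; c++)
        if (!seen[permute16((uint16_t)c, key)]++) n++;   /* count first sightings */
    return n;
}

/* Independent 16-bit draws (xorshift32, truncated): draws before a value repeats. */
long first_repeat_independent(uint32_t seed)
{
    uint8_t seen[65536] = {0};
    uint32_t x = seed ? seed : 1;   /* xorshift state must be non-zero */
    for (long n = 0; n <= 65536; n++) {
        x ^= x << 13; x ^= x >> 17; x ^= x << 5;
        if (seen[x & 0xFFFF]++) return n;   /* value was already handed out */
    }
    return -1;   /* unreachable: 65537 draws from 65536 values must repeat */
}

int main(void)
{
    printf("%ld distinct IDs per cycle; independent draws repeat after %ld\n",
           distinct_over_cycle(0xC0FFEEu), first_repeat_independent(0xC0FFEEu));
    return 0;
}
```

The key values are constructed sample inputs; the permuted counter never repeats within a cycle for any key, while the independent generator is bounded only by the pigeonhole limit.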