Deranged Mutant <wlkngowl@unix.asb.com> wrote:
> maruishi@netcom.com wrote:
>> I was trying to think of a way to come up with true random numbers... And knowing a bit of UNIX socket TCP/IP programming I made a small [..]
> I wouldn't trust the samples taken from networked sources.

Me neither, in general. A possible exception: I wonder if the checksums on Ethernet or IP packets use a reasonably strong CRC algorithm. If so, they might be a decent source of randomness in an environment where you could be sure the Black Hats couldn't see them. e.g. using only packets from your own LAN, suitably protected by firewall & good administration.

> You're better off with a kernel patch that samples from local sources directly like disk or keyboard timing variations... such patches already exist, with similar drivers developed for DOS and OS/2 systems as well.

I'd be more inclined to hash the kernel's internal tables, e.g. process & file descriptor tables. These should vary quite a lot & if the enemy can see them, random number quality is the least of your worries. RFC 1750 is a good reference on this problem.

-- Sandy Harris sharris@fox.nstn.ca
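
The following is an added example, not code from any poster in this thread: a sketch of the "hash the kernel's internal tables" idea, with SHA-256 standing in as the strong mixing function that RFC 1750 recommends. The procfs paths, the function names and the constructed snapshots are assumptions for illustration; the seed is only as unpredictable as the snapshots are to an observer.

```python
import hashlib
import os
import time

# Constructed process-table snapshots (PID, state, descriptor count); not real data.
CONSTRUCTED_SNAPSHOTS = [
    b"1 S 64\n212 S 12\n897 R 5\n",
    b"1 S 64\n212 S 13\n897 R 5\n901 S 3\n",
]

def take_snapshot() -> bytes:
    """Sample local state: process IDs, our open descriptors, fine-grained clocks."""
    parts = []
    for path in ("/proc", "/proc/self/fd"):  # assumed Linux-style procfs
        try:
            parts.append(",".join(sorted(os.listdir(path))).encode())
        except OSError:
            parts.append(b"")  # source unavailable: contributes nothing
    parts.append(repr((time.perf_counter_ns(), os.times())).encode())
    return b"\n".join(parts)

def mix(pool: bytes, sample: bytes) -> bytes:
    """Fold one sample into the pool. The length prefix keeps sample
    boundaries unambiguous, so (b"ab", b"c") and (b"a", b"bc") differ."""
    return hashlib.sha256(pool + len(sample).to_bytes(8, "big") + sample).digest()

def seed_from_samples(samples) -> bytes:
    """Reduce any number of samples to a 32-byte seed."""
    pool = bytes(32)
    for sample in samples:
        pool = mix(pool, sample)
    return pool

def bit_distance(a: bytes, b: bytes) -> int:
    """Number of differing bits between two equal-length byte strings."""
    return bin(int.from_bytes(a, "big") ^ int.from_bytes(b, "big")).count("1")

if __name__ == "__main__":
    # The hash only concentrates unpredictability already in the inputs: the
    # same snapshots always give the same seed, so an observer who can read
    # the tables can recompute it.
    fixed = seed_from_samples(CONSTRUCTED_SNAPSHOTS)
    print("constructed:", fixed.hex())
    live = seed_from_samples(take_snapshot() for _ in range(4))
    print("live:       ", live.hex())
```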