Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > gnu.bash.bug > #14883
| From | Chet Ramey <chet.ramey@case.edu> |
|---|---|
| Newsgroups | gnu.bash.bug |
| Subject | Re: $RANDOM not Cryptographically secure pseudorandom number generator |
| Date | 2018-12-03 09:56 -0500 |
| Message-ID | <mailman.5079.1543849008.1284.bug-bash@gnu.org> (permalink) |
| References | <CA+4vN7zoPwhL5E82pDb=20yk4Dxdj=iRJiY2mmsbAtN1yqSeZw@mail.gmail.com> <868cc2da-cf67-298f-4640-ab1afcf857e0@case.edu> <CA+4vN7wkuCya7FES1HXiyFTF3a=pkVSdhVCthmjR29OwCAKZng@mail.gmail.com> |
On 12/2/18 6:13 PM, Ole Tange wrote: > On Wed, Nov 21, 2018 at 11:45 PM Chet Ramey <chet.ramey@case.edu> wrote: >> On 11/21/18 3:07 PM, Ole Tange wrote: >>> 'brand' in variables.c is comparable in size to ChaCha20 and ChaCha20 >>> is not completely broken: >>> https://en.wikipedia.org/wiki/Salsa20 >>> >>> Could we please replace 'brand' with ChaCha20? >> >> What is your application that you need something more complicated than >> the existing PRNG? > > I do not have that currently, but it seems like a fairly small change > and it seems odd to have modern software not use modern algorithms. There has to be a compelling reason to change this, especially at a point so close to a major release. You might be expecting too much from bash's random number generator. Is the problem that its period is at most 2**16? For its intended uses, the cycle length is acceptable. Do you disagree? -- ``The lyf so short, the craft so long to lerne.'' - Chaucer ``Ars longa, vita brevis'' - Hippocrates Chet Ramey, UTech, CWRU chet@case.edu http://tiswww.cwru.edu/~chet/
Back to gnu.bash.bug | Previous | Next | Find similar | Unroll thread
Re: $RANDOM not Cryptographically secure pseudorandom number generator Chet Ramey <chet.ramey@case.edu> - 2018-12-03 09:56 -0500
csiph-web