Re: Wanted: Secure-delete utility for Linux

Kev (klmitch@MIT.EDU)
Wed, 23 Dec 1998 14:35:36 EST

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: =?iso-8859-1?Q?Johnny_Teve=DFen?=: "Re: Reading empty file (was: Re: /dev/full)"
Previous message: Linus Torvalds: "Re: if my new update_shared_mappings() races, vmtruncate is just racing , too"
In reply to: Mr. James W. Laferriere: "Re: net-tools 1.49 is released"

> > Unfortunately the current /dev/random and /dev/urandom are very slow in
> > generating data. Therefore I would rather like a /dev/frandom for fast,
> > low quality randomness.
>
> Write a tiny program for the task, something like:
[snip]
> x =3D time(NULL);

This is already insecure; you can do better by reading 4 bytes from
/dev/{u,}random as appropriate. Also, I would probably use a
cryptographic hash function instead...if someone manages to recover
one of the random numbers you've generated with this PRNG, they can
recover the entire sequence; it's much more difficult to go back
with an appropriate hash function. You should also be able to do
other things that would hinder the forward prediction, as well...

-- Kevin L. Mitchell <klmitch@mit.edu> ------------------------- -. .---- --.. ..- -..- -------------------------- http://web.mit.edu/klmitch/www/ (PGP keys availiable from here) RSA AE87D37D/1024: DE EA 1E 99 3F 2B F9 23 A0 D8 05 E0 6F BA B9 D2 DSS ED0DB34E/1024: D9BF 0E74 FDCB 43F5 C597 878F 9455 EC24 ED0D B34E DH 2A2C31D4/2048: 1A77 4BA5 9E32 14AE 87DA 9FEC 7106 FC62 2A2C 31D4

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: =?iso-8859-1?Q?Johnny_Teve=DFen?=: "Re: Reading empty file (was: Re: /dev/full)"
Previous message: Linus Torvalds: "Re: if my new update_shared_mappings() races, vmtruncate is just racing , too"
In reply to: Mr. James W. Laferriere: "Re: net-tools 1.49 is released"