arc4random vs RAND_pseudo_bytes

T_B T_B at sympatico.ca
Tue Sep 4 04:59:24 PDT 2007


Robert: I agree with this approach.  OpenSSL has been through a FIPS
certification (the 9.7 stream) and that examined its PRNG.  There seems to
be indications that the 9.8 stream will be going through FIPS soon.

Bill
----- Original Message ----- 
From: "Robert Connolly" <robert at linuxfromscratch.org>
To: "Hardened LFS Development List" <hlfs-dev at linuxfromscratch.org>
Sent: Monday, September 03, 2007 11:44 PM
Subject: arc4random vs RAND_pseudo_bytes


> arc4random() is a safe and secure prng, but I get no feedback about it.
Using
> RAND_pseudo_bytes() would have the affect of removing cryptography from
> Glibc, and using OpenSSL whenever possible, which is the direction I've
been
> going.




More information about the hlfs-dev mailing list