This is already insecure; you can do better by reading 4 bytes from
/dev/{u,}random as appropriate. Also, I would probably use a
cryptographic hash function instead...if someone manages to recover
one of the random numbers you've generated with this PRNG, they can
recover the entire sequence; it's much more difficult to go back
with an appropriate hash function. You should also be able to do
other things that would hinder the forward prediction, as well...
-- Kevin L. Mitchell <klmitch@mit.edu> ------------------------- -. .---- --.. ..- -..- -------------------------- http://web.mit.edu/klmitch/www/ (PGP keys availiable from here) RSA AE87D37D/1024: DE EA 1E 99 3F 2B F9 23 A0 D8 05 E0 6F BA B9 D2 DSS ED0DB34E/1024: D9BF 0E74 FDCB 43F5 C597 878F 9455 EC24 ED0D B34E DH 2A2C31D4/2048: 1A77 4BA5 9E32 14AE 87DA 9FEC 7106 FC62 2A2C 31D4
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/