[487] in Kerberos
random_key()
daemon@TELECOM.MIT.EDU (Ted Anderson)
Thu Sep 1 16:44:47 1988
From: Ted Anderson <ota+@ANDREW.CMU.EDU>
To: kerberos@ATHENA.MIT.EDU
Cc: Mike Kazar <kazar+@ANDREW.CMU.EDU>
I was using the Kerberos DES package to run some experiments and I discovered
that the random_key package doesn't behave very well. In particular my program
was calling random_key, calling key_sched, and encrypting one number. What I
descovered is that after 170 thousand keys, about one in five keys returned was
in the table of 170 thousand keys. In fact I was getting several duplicates
even after the first few thousand.
I looked at the code and discovered that it is calling srandom() every time you
ask for a random key. It uses the time of day and so forth to seed srandom(),
but then the key is constructed from the first two values returned by random().
I reimplemented it by adding an init_random_key() routine that calls srandom()
and have random_key() just call random() twice. In 64 000 calls to this new
random_key() I've found no duplicates.
I understand that although the period of random() is very long (something like
2^1000) its output isn't, in fact, all that random. Better random values are
can be obtained by using an encryption algorithm. Since this is all part of an
encryption package, and the call to random_key() doesn't need to be all that
fast, maybe this would be an even better approach.
Ted Anderson
