[ntp:security] [Bug 2666] non-cryptographic random number generator with weak seed

bugzilla-daemon at ntp.org bugzilla-daemon at ntp.org
Fri Nov 28 09:10:49 UTC 2014


http://bugs.ntp.org/show_bug.cgi?id=2666

--- Comment #8 from Stephen Röttger <stephen.roettger at gmail.com> 2014-11-28 09:10:49 UTC ---
I'm not familiar with arc4random, is it available on all supported platforms?
I read (sorry, can't find the link atm) that freebsd switched to a chacha
implementation since RC4 has weaknesses but that the Linux implementation (in
some library) didn't follow.

-- 
Configure bugmail: http://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


More information about the security mailing list