lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Tue, 01 Jun 2010 14:52:42 +0200
From:	Lukasz Gromanowski <lgromanowski@...il.com>
To:	Petr Ovtchenkov <ptr@...d-ptr.info>
CC:	linux-kernel@...r.kernel.org
Subject: Re: constant half-byte from /proc/sys/kernel/random/uuid

Petr Ovtchenkov pisze:
> Lack of randomness during generating uuid.
> 
> Sample:
> 
> for i in 1 2 3 4 5 6 7 8 9; do cat /proc/sys/kernel/random/uuid ; done
> 
> 3faf5c7e-5e1b-4b3c-a318-979653d85404
> a929d2d3-e229-42ca-9f33-9c09801f41fb
> c2a96cb6-0dba-401c-a9c6-dabe1dec89d6
> df341de3-eb97-4327-bb63-46afd8dbfaa8
> 9d84d61c-0c55-4914-8bd6-7f1601110908
> 6d82e69b-418e-4189-b5a4-0661b6e24dcf
> eb38de66-4e0b-4bd0-827b-e75ba273e85a
> 5585c367-754f-4bbf-81f6-8a728380860d
> c074480b-ad5c-4e10-81d2-82225c449b91
> 
> 
> See on 7th high half-byte: it '4' in
> all cases---4b, 42, 40, 43, 49, 41,
> 4b, 4b, 4e. Checked three comps, with
> similar results. All Linux-generated UUID (boot_id)
> that I see in internet has '4' in this
> half-byte.

Hi,
quote from wikipedia[1]

"Version 4 (random)

Version 4 UUIDs use a scheme relying only on random numbers. This
algorithm sets the version number as well as two reserved bits.
All other bits are set using a random or pseudorandom data source.
Version 4 UUIDs have the form xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx
with any hexadecimal digits for x but only one of 8, 9, A, or B for y.
e.g. f47ac10b-58cc-4372-a567-0e02b2c3d479."

[1] http://en.wikipedia.org/wiki/Universally_Unique_Identifier

-- 
best regards,
Lukasz
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ