On Fri, 7 Jan 2005, Andries Brouwer wrote: > On Fri, Jan 07, 2005 at 02:05:36PM -0500, Ron Peterson wrote: > >> When I compile and run the code below, the string of octal characters >> generated by reading /dev/random contains long strings of zeroes. > > But it is your program that invents the zeros, they are not returned > by /dev/random. The bug in your program is failing to check the > return value of read(). > - Also, the following shows that the AND operation will destroy the randomness of the data. In this case I AND with 1, which should produce as many '1's as '0's, ... and clearly does not. Script started on Fri 07 Jan 2005 05:36:43 PM EST LINUX> cat >xxx.c #include #include #include #include #include #define LEN 0x20 void doit(unsigned char *buf) { size_t i, odds, evens; int fd, ret; odds = evens = 0; printf("Trying %s\n", buf); if((fd = open(buf, O_RDONLY)) < 0) exit(EXIT_FAILURE); if((ret = read(fd, buf, LEN)) > 0) { for(i=0; i< ret; i++) { if(buf[i] & 1) odds++; else evens++; printf("%02x", buf[i] & 1); } printf("\n odds = %u evens = %u\n", odds, evens); } (void)close(fd); } int main() { char buf[0x100]; strcpy(buf, "/dev/random"); doit(buf); strcpy(buf, "/dev/urandom"); doit(buf); return 0; } LINUX> gcc -Wall -O2 -o xxx xxx.c LINUX> ./xxx Trying /dev/random 0100000101010000010001000101000000000000000101000100010000000101 odds = 14 evens = 18 Trying /dev/urandom 0001010001000100000101000100010001000000000000000000010000000000 odds = 10 evens = 22 LINUX> ./xxx Trying /dev/random 0100000100010101000101010101010101000100010000010001010000000101 odds = 20 evens = 12 Trying /dev/urandom 0100000100000101010001000101010001010001000000010101010100010000 odds = 18 evens = 14 LINUX> exiit Script done on Fri 07 Jan 2005 05:37:37 PM EST Cheers, Dick Johnson Penguin : Linux version 2.6.10 on an i686 machine (5537.79 BogoMips). Notice : All mail here is now cached for review by Dictator Bush. 98.36% of all statistics are fiction.