This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/OpenBSC@lists.osmocom.org/.
Holger Freyther holger at freyther.de> On 27. Sep 2017, at 19:57, Harald Welte <laforge at gnumonks.org> wrote: > > For TMSI allocation, my "cryptographic gut feeling"[tm] is that something > like rand() or any other pseudo-random generator of significantly large > period is sufficient *if* it is seeded by a non-predictable value. So > something like seeding with getrandom() result should be fine? GLIBC rand() maybe but "any other" not. E.g. if it is a Mersenne Twister than observing ~624 TMSIs could be enough to predict past and future state. Picking something like RAND_bytes of OpenSSL for TMSIs seems to be the best way. It will re-seed itself (and we are not forking). If the OpenSSL dependency is too bad (license compatibility, the move to the Apache license could help us here for GPLv3+ software) then maybe the second best option is to take a "Fortuna"[1] implementation from somewhere? holger [1] https://en.wikipedia.org/wiki/Fortuna_(PRNG)