         FreeBSD CURI IPsec u!C, 1/2CURoAEEI(c),! 3/4UCUR^1CUReCURECURI

  Honig David [FAMILY Given]

   <honig@sprynet.com>

   ^2thA:u: 8def749c53

   FreeBSD CURI The FreeBSD Foundation CURIAAD-I? 3/4|E,CURC,CUR^1!-L-

   Motif, OSF/1 CUR-aCUReCURO UNIX CURI YEN-c-YENaYENeYEN<<^1c,
   1/2DEG^1nCUR-aCUReCUROCUR 1/2CURIA 3/4CURI^1nCURECUR-aCUR+-CURe The Open
   Group CURIAAD-I? 3/4|E,CURC,!-c- IT DialTone CUR-aCUReCURO The Open Group
   CURIAE+-CUR,CUR- 3/4|E,CURC,CUR^1!-L-

   A 1/2ACUR 1/4OCUR-aCUReCUROEIC,a: 1/4OCURNOTA
   1/2EECURoP:eEICUR^1CUReCURICURE INCURCURCURAECURCURCUReE 1/2
   1/4"CURIA?CUR-CURI!-c- 3/4|E,CURECURuCUR`iCURAECURCURCURTHCUR^1!-L-
   CUR^3CURIE, 1/2nCUREAAD- 3/4`iCUR^1CUReE 1/2 1/4"CURICUR|CURA FreeBSD
   Project CURNOTCUR 1/2CURI
   3/4|E,CURo^3IC,S:CUR.CURAECURCURCUReCURaCURICURECURI!-c-CUR 1/2CURIE 1/2
   1/4"CUREA^3CURCURCURAE !O:*-c-i! * CURTHCUR?CURI !O:*-c-i! *
   u^1aeCURNOTCUR-aCUR<<CUR`iCURAECURCURCURTHCUR^1!-L-

   2013-11-13 07:52:45 +0000 !S: Hiroki Sato.
   ^3uI *

   IPsec CURoYENCURYENoYEN^1YENE! 1/4YENeCUR.CUR?>>th!-c- CUR
   1/2CUR`iCURNOTCURCURACURoCUREAEDEG-oiCUR.CURAECURCURCUReCUR<<CURECUR|CUR<<A:'CURUCUReCURECURICURECUR|CUR.CUR?CUReIECURCURCURC,CUR.CURc,CUR|?
   CUR^3CUR^3CURC,CURI!-c-IPsec CURIAEDEG-oiCURo,! 3/4UCUR^1CURe
   1/4A,^3AA-aCUREEyE!CURo 3/4O^2d-CUR.CURTHCUR^1!-L-

   [ ENOT^3a:EC, / A+-DEG`iEC, ]

     ----------------------------------------------------------------------

   IU: 1/4!

   1. Ia:Ae

   2. ^2o.eEyE!

   3.  1/4A,^3

   4. AiDEGO

   5. IPsec CURIA:euA

   6. IPsec CURIYENCURYENoYEN^1YENE! 1/4YENe

   7. src/sys/i386/conf/KERNELNAME

   8. Maurer's Universal Statistical Test (YENO:YENiYENAYEN-YENuYENCURYEN-o =
   8 YENOYENAYENE)

1. Ia:Ae

   CURTHCUR-o!-c-IPsec CURNOTYENCURYENoYEN^1YENE!
   1/4YENeCURuCUR`iCURAECURCURCUReCUR^3CURECURoADEGA:oCUREIACURo?ECURaCURTHCUR^1!-L-
   IPsec
   CURNOTCURCURACURoCUREAEDEG-oiCUR.CURAECURCURCUReCUR<<CURECUR|CUR<<AICUReCURECURICURECUR|CUR.CUR?CUReIECURCURCURC,CUR.CURc,CUR|?
   CURaCURACURiCURoAssA:eCURNOT'O:DEGaCURACURAECURCURCUR`iCURD-YENIYENAYENEYENi!
   1/4YEN-AU:A^3CURNOT^1OCURECUR"CURECURCURCURC,CUR.CURc,CUR|CUR.!-c-
   AU:A^3CURC,CURCUR?CURECURCURCUR|CUR^3CURECURIAssA:eCURNOT^1c,CURACURAECURCURCUReCUR<<CUReCURA!-c-CURECURCURCUR|C,S:
   1/4+-CURI'O:DEGaCURACURAECURCURCURTHCUR>>CURo!-L- AU:A^3 3/4oAO:CURI
   netstat(1)
   YEN^3YENTHYENoYENECURC,^3ICUR<<CURaCUReCUR^3CURECURNOTCURC,CURCURTHCUR^1!-L-
   CUR.CUR<<CUR.!-c-CUR 1/2CUR`iCURoAEEI(c)CUR.CURAE,!
   3/4UCUR^1CUReCUR^3CURECURI^2A:C, 1/2CURECURICURC,CUR.CURc,CUR|CUR<<?

2. ^2o.eEyE!

   -oC, 1/2eCURE!-c-DEGAA^1aeCURE>>ECURiCUR`iCURAECURCURCURe
   3/4d-EoIyIACURECURA:CURCURCURAE^1ICUR"CURTHCUR^1!-L-

    1. DEGAA^1ae^2 1/2CURuCUR`iCUR?YENC,!
       1/4YEN?CURI!-c-DEG`iIICUREENOTEUCUR.CURAECURCURCURe!-L-CURA:CURTHCURe!-c-
       ^3AE 3/4d-Eo,>>YEN.YENoYENU:YENeCURI-oC,Ac,CURIYEN"YENoYENEYENiYENO!
       1/4CURo>>yCURACURAECURCURCURe!-L-

    2. A:I 3/4i!-c-ICUR 1/2eIyCURIYENC,! 1/4YEN?CURa:DEGu
       1/2ICURuCUR`iCURAECURCURCURECURCURYENC,! 1/4YEN?CURI
       3/4eA:^1CURC,CUR-c-CURe!-L- CURA:CURTHCURe!-c-^3AE
       3/4d-Eo,>>YEN.YENoYENU:YENeCURIYEN"YENoYENEYENiYENO!
       1/4CURI-oC,Ac,CURC,CURICURECURCUR!-L-

   YENIYENAYENEYENi! 1/4YEN-YENCURYENoYEN?! 1/4YENOYENS:YENCURYEN^1CURoAEth
   1/2D-IICUR^1CUReYENC,! 1/4YEN?CURIYEN"YENoYENEYENiYENO!
   1/4CURoANOTA:eCURC,CURCUReCURE^2 3/4A:eCUR^1CUReCURE!-c- !O:DEGAA^1ae^2
   1/2CURuCUR`iCURAECURCURCURECURCURYENC,! 1/4YEN?! *CURE!O:DEGAA^1ae^2
   1/2CURuCUR`iCUR?YENC,! 1/4YEN?! *CURII 3/4 1/4OCURE!-c-
   DEGaCURCURCURo,<<CUReCUR^3CURECURNOTCURC,CURCUReCURICUR-oCURC,CUR^1!-L-
   CUR^3CURICUR^3CURECURI!-c-YENNYEN+-YENAYENECURIYENe!
   1/4YENAEYEN-L-YENoYENDEGCURNOT^1OCURECURiCUR`iCURe
   3/4`i^1c,CURIDEG`iEO:^3DEGA|CURI IP YENO/YENAYENACURECURE!-c- YENC,!
   1/4YEN?CURIDEG`iEoCURNOT !O:DEGAA^1ae^2 1/2YENa! 1/4YENE! *
   CURC,DEGAA^1ae^2
   1/2CURuCUR`iCURECUR<<CURACUR?CURECUR.CURAECURaA(R)I(c)CUR.CURTHCUR^1!-L-

  2.1. MUST

   Ueli Maurer >>aCURI !O:Universal Statistical Test for Random Bit
   Generators! * (MUST) CURI!-c-YENuYENoYEN *YENeYENC,!
   1/4YEN?CURIYEN"YENoYENEYENiYENO!
   1/4CURo^1aA(R)CUREANOTA:eCUR.CURTHCUR^1!-L- CUR^3CUR`iCURECURIDEGu
   1/2ICUREIECUR->>-:CUR?YEN-c-YENeYEN'YENeYEN-oYEN`aCURNOT>>ECURiCUR`iCURAECURCURCURTHCUR^1!-L-
   E,Eo:CURE 1/4"CUR^1CURICURI!-c-
   DEG`iCURA:CURIYENOYEN!YENCURYENeAaeCURC,I-c-A^3CUR^1CUReYENC,! 1/4YEN?
   (-oC,Ac, 0.25 YENaYENNOTYEND-YENCURYENE) CURoANOTA:eCUR^1CUReYEN^3!
   1/4YENECURC,CUR^1!-L-

  2.2. Tcpdump

   CURuCURAE 1/4!CURE!-c- 3/4aauCURE^2ACUR"CURAEYENIYENAYENEYENi! 1/4YEN-
   3/4aaCURIA,YENC,! 1/4YEN?CURoEaA-aCUR^1CUReCUR?CURaCURI 1/4eAECURaENOTI
   *CURECURECUReCURTHCUR^1!-L- CUR 1/2CUR`iCURo 1/4A, 1/2CUR^1CUReYEN
   *YENiYENDEGYENeYEN`aCURE!-c-tcpdump(1)
   CURE,AECURD-CUR`iCUReCURaCURICURNOTCUR-c-CUReCURTHCUR^1!-L-
   CUR?CURACUR.!-c-tcpdump CURo>>ECUR|CURECURI!-c- YEN<<!
   1/4YENIYENeYEN^3YENoYENOYEN-L-YENDEGYEN`i!
   1/4YEN.YENc,YENoYENOYEN!YENCURYENeCURECUR-aCURCURCURAE Berkeley Packet
   Filter YENCURYENoYEN?! 1/4YENOYENS:YENCURYEN^1CURNOTI,u^2
   1/2CURuCUR`iCURAECURCURCURECUR+-CUR`iCURD-CURECUReCURTHCUR>>CURo!-L-

   1/4!CURIYEN^3YENTHYENoYENE:

 tcpdump -c 4000 -s 10000 -w dumpfile.bin

   CURI!-c-4000 ,A:CURIA,YENNYEN+-YENAYENECURoEaA-aCUR.!-c-dumpfile.bin
   CUREuI?CUR.CURTHCUR^1!-L- CUR^3CURIIaCURICURC,CURI 10,000
   YEND-YENCURYENEDEGE^2
   1/4CURIYENNYEN+-YENAYENECURICURssuI?CURuCUR`iCURTHCUR^1!-L-

3.  1/4A,^3

   CURC,CURI!-c- 1/4A,^3CUR.CURAECURssCURTHCUR.CURc,CUR|!-L-

    1. IPsec YENUYEN^1YENECURE IPsec
       CURo>>ECURACURAECURCURCURECURCURYENUYEN^1YENECURII
       3/4EyCUREYENIYENAYENEYENi!
       1/4YEN-AU:A^3CUR.CURAECUR-CURACURuCURCUR!-L-

    2. CUR 1/2CUR.CURAE YENNYEN+-YENAYENECURIEaA-a
       CURo^3<<>>ICUR.CURTHCUR^1!-L-

    3. 1/4!CURE!-c-!O:IPsec CURo>>ECURACURAECURCURCURe! * AU:A^3CURC, yes(1)
       CURECURCURCUR| UNIX*-c-i YEN^3YENTHYENoYENECURo
       1/4A^1OCUR.CURTHCUR^1!-L- CUR^3CUR`iCURI!-c-y
       CURECURCURCUR|E,>>uCURII-c-A^3YENC,! 1/4YEN?CURo
       1/2D-IICUR^1CUReCURaCURICURC,CUR^1!-L-
       CUR.CURD-CUReCUR-CUR.CUR?CUReYEN^3YENTHYENoYENECURoA:a:>>ssCURuCUR>>!-c-IPsec
       CURo>>ECURACURAECURCURCURECURCURAU:A^3CUREAD-CUR.CURAEAE+-CUR,YEN^3YENTHYENoYENECURo
       1/4A^1OCUR.CURTHCUR^1!-L-
       CUR^3CURACUReCURa!-c-CUR.CURD-CUReCUR-CUR.CUR?CUReYEN^3YENTHYENoYENECURoA:a:>>ssCURuCUR>>CURAECUR-CURACURuCURCUR!-L-

    4. CUR^3CUR^3CURC,!-c-MUST CURoEaA-aCUR.CUR?YENNYEN+-YENAYENECURE
       1/4A^1OCUR^1CUReCURE!-c- 1/4!CURICUReCUR|CURE
       1/2D-IICURNOTAEACUReCUR`iCUReCURICUR-oCURC,CUR^1!-L- CUR^3CURIAaeCURC,
       1/2AAI *CURECURICURI!-c-'u:AOAI (7.18) CUREAD-CUR.CURAE!-c- IPsec
       CURo>>ECURACUR?AU:A^3CURNOT 93% (6.7)!-c- !O:A:I 3/4iCURI!
       *AU:A^3CURNOT 29% (2.1)
       CURECURCURCUR|.e^2ICURECURECURACURAECURCURCUReCUR^3CURECURC,CUR^1!-L-

 % tcpdump -c 4000 -s 10000 -w ipsecdemo.bin
 % uliscan ipsecdemo.bin

 Uliscan 21 Dec 98
 L=8 256 258560
 Measuring file ipsecdemo.bin
 Init done
 Expected value for L=8 is 7.1836656
 6.9396 --------------------------------------------------------
 6.6177 -----------------------------------------------------
 6.4100 ---------------------------------------------------
 2.1101 -----------------
 2.0838 -----------------
 2.0983 -----------------

4. AiDEGO

   CUR^3CURI 1/4A,^3CURIDEGAA^1ae^2 1/2CURIIyIACURNOT
   1/4"CUR^1CURECUR-aCURe!-c-IPsec
   CURo>>ECURACUR?A:I?(R)CURC,CURI^3ICUR<<CUREYENUYENCURYENi!
   1/4YENEAaeCURIYENC,!
   1/4YEN?CURE'THCURTHCUR`iCUReYEN.YENoYENU:YENeCURIA,u-^3II"CURNOTDEG`iIICUREENOTEUCUR^1CURe!-c-
   CURECURCURCUR|CUR^3CURECURo 1/4"CUR.CURAECURCURCURTHCUR^1!-L-
   CUR.CUR<<CUR.!-c-CUR^3CUR^3CURC, 1/4"CUR.CUR?
   1/4A,^3CURC,CURIYEN.YEN^1YENAEYEN`a 3/4aaCURI.c,'U
   (CUR-c-CUReCURICUR<<CURECUR|CUR<<AICUReCURTHCUR>>CURoCURNOT) CURo,!
   1/2D-CUR^1CUReCUR^3CURECURICURC,CURCURTHCUR>>CURo!-L-
   CUR^3CUR^3CURC,,ACUR|!O:.c,'U!
   *CURECURI!-c-CUR?CURECUR"CURD-DEGAA^1ae,DEGA,A(R)CURa:,o'^1CURIEOE-:CURa:!-c-
   YENC,! 1/4YEN?CURa:DEGAA^1ae,DEGCURNOTA
   3/4?ICURE,<<CUReCUR`iCURAECURCURCURECURCURCUR<<CURECUR|CUR<<CURECURCURCURACUR?Ia:Ae!-c-
   CUR-c-CUReCURCURCURIYEN-c-YENeYEN'YENeYEN-oYEN`aCURIP:-AAUCURICURECUR|CUR<<!-c-
   YEN<<! 1/4YENIYENeCURIYEND-!
   1/4YEN,YENc,YENoCURI^1c,CURACURAECURCURCUReCUR<<CURECURCURCURACUR?CUR^3CURECURC,CUR^1!-L-
   CUR^3CUR`iCUReCURIYEN 1/2!
   1/4YEN^1CURoA:'CURUCUR`iCURD-^3ICUR<<CURaCUReCUR^3CURECURNOTCURC,CURCURTHCUR^1!-L-

5. IPsec CURIA:euA

   YENCURYENoYEN?! 1/4YENIYENAYENEYEN *YENiYENEYEN^3YENe
   YEN>>YENYENaaYENeYENAEYEN-L-^3EA:YEN (Internet Protocol security
   extensions) CURI IP v4 CURE IP v6 CUREAANOTINCURuCUR`i!-c-IP v6 CURO/CURI
   1/4AAoCURIENOT?U:CURECURECURACURAECURCURCURTHCUR^1!-L- CUR^3CURIYEN
   *YENiYENEYEN^3YENeCURI IP (YENUYEN^1YENE'O:) YEN`iYENUYENeCURC,DEGAA^1ae^2
   1/2CUREC,S: 3/4UCURo 1/4A, 1/2CUR^1CUReCUR?CURaCURICURaCURICURC,CUR^1!-L-
   CUR?CURECUR"CURD- SSL CURIDEG`iCURA:CURIYEN-c-YEN *YENeYEN+-!
   1/4YEN.YENc,YENoYEN 1/2YEN+-YENAYENE!-c-SSH CURIYENiYENDEGYENCURYENo!-c-
   PGP CURIAEAA:eCURIYENOYEN!YENCURYENeCURa:YENaYENAYEN>>!
   1/4YEN,CURICURssCUREAD-CUR.CURAECUR 1/2CUR`iCUR
   3/4CUR`iDEGAA'ACURoA:oP:!CUR.CURTHCUR^1CURNOT!-c- IPsec CURI 2
   YENUYEN^1YENE'O:CURICUR^1CURUCURAECURIA:I?(R)CURoDEGAA^1ae^2
   1/2CUR.CURTHCUR^1!-L-

6. IPsec CURIYENCURYENoYEN^1YENE! 1/4YENe

   FreeBSD CURI-oC,P:aCURIYEND-! 1/4YEN,YENc,YENoCURC,CURI IPsec
   CURIYENuYENY! 1/4YENECURNOT'd-EU:CURIYEN 1/2! 1/4YEN^1YEN^3!
   1/4YENECURE'THCURTHCUR`iCURAECURCURCURTHCUR^1!-L- CUR
   1/2CUR`i,I!-c-CUR-c-CURECUR?CURICUR-aCUR 1/2CUReCUR- IPSEC YEN-aYEN
   *YEN.YENc,YENoCURoYEN<<!
   1/4YENIYENeYEN^3YENoYENOYEN-L-YENDEGYENOYEN!YENCURYENeCUREA:E^2ACUR.!-c-
   YEN<<! 1/4YENIYENeCURo-oAE^1 1/2AU/-oAEYENCURYENoYEN^1YENE!
   1/4YENeCUR.CURAE setkey(8) YEN^3YENTHYENoYENECURC, IPsec
   AU:A^3CURoAssA:eCUR^1CUR`iCURD-CUReCURCURCURICUR-oCURC,CUR^1!-L-

   FreeBSD CURC, IPsec CURo
   1/4A^1OCUR^1CUReEn^3c,AA-aCUREYENNOTYENCURYENECURI FreeBSD
   YENIYENoYENEYENO:YENAYEN-CURC,A:oP:!CURuCUR`iCURAECURCURCURTHCUR^1!-L-

7. src/sys/i386/conf/KERNELNAME

   YENIYENAYENEYENi! 1/4YEN-YENC,! 1/4YEN?CURo tcpdump(1)
   CURC,Ea:ACUR^1CUReCUR?CURaCURECURIYEN<<!
   1/4YENIYENeYEN^3YENoYENOYEN-L-YENDEGYENOYEN!YENCURYENeCURECURIDEGE^2
   1/4CURI^1OCURNOTENOTI *CURC,CUR^1!-L- A:E^2A,aa config(8) CURo
   1/4A^1OCUR.YEN<<! 1/4YENIYENeCURI-oAE^1 1/2AU/-oAEYENCURYENoYEN^1YENE!
   1/4YENeCURo ^1OCURECURACURAECUR-CURACURuCURCUR!-L-

 device  bpf

8. Maurer's Universal Statistical Test (YENO:YENiYENAYEN-YENuYENCURYEN-o = 8
YENOYENAYENE)

   AE+-DEG`iCURIYEN^3! 1/4YENECURo CUR^3CURIYENeYENoYEN-CUR<<CUReAEth
   1/4eCUR^1CUReCUR^3CURECURNOTCURC,CURCURTHCUR^1!-L-

 /*
   ULISCAN.c   ---blocksize of 8

   1 Oct 98
   1 Dec 98
   21 Dec 98       uliscan.c derived from ueli8.c

   This version has // comments removed for Sun cc

   This implements Ueli M Maurer's "Universal Statistical Test for Random
   Bit Generators" using L=8

   Accepts a filename on the command line; writes its results, with other
   info, to stdout.

   Handles input file exhaustion gracefully.

   Ref: J. Cryptology v 5 no 2, 1992 pp 89-105
   also on the web somewhere, which is where I found it.

   -David Honig
   honig@sprynet.com

   Usage:
   ULISCAN filename
   outputs to stdout
 */

 #define L 8
 #define V (1<<L)
 #define Q (10*V)
 #define K (100   *Q)
 #define MAXSAMP (Q + K)

 #include <stdio.h>
 #include <math.h>

 int main(argc, argv)
 int argc;
 char **argv;
 {
   FILE *fptr;
   int i,j;
   int b, c;
   int table[V];
   double sum = 0.0;
   int iproduct = 1;
   int run;

   extern double   log(/* double x */);

   printf("Uliscan 21 Dec 98 \nL=%d %d %d \n", L, V, MAXSAMP);

   if (argc < 2) {
     printf("Usage: Uliscan filename\n");
     exit(-1);
   } else {
     printf("Measuring file %s\n", argv[1]);
   }

   fptr = fopen(argv[1],"rb");

   if (fptr == NULL) {
     printf("Can't find %s\n", argv[1]);
     exit(-1);
   }

   for (i = 0; i < V; i++) {
     table[i] = 0;
   }

   for (i = 0; i < Q; i++) {
     b = fgetc(fptr);
     table[b] = i;
   }

   printf("Init done\n");

   printf("Expected value for L=8 is 7.1836656\n");

   run = 1;

   while (run) {
     sum = 0.0;
     iproduct = 1;

     if (run)
       for (i = Q; run && i < Q + K; i++) {
         j = i;
         b = fgetc(fptr);

         if (b < 0)
           run = 0;

         if (run) {
           if (table[b] > j)
             j += K;

           sum += log((double)(j-table[b]));

           table[b] = i;
         }
       }

     if (!run)
       printf("Premature end of file; read %d blocks.\n", i - Q);

     sum = (sum/((double)(i - Q))) /  log(2.0);
     printf("%4.4f ", sum);

     for (i = 0; i < (int)(sum*8.0 + 0.50); i++)
       printf("-");

     printf("\n");

     /* refill initial table */
     if (0) {
       for (i = 0; i < Q; i++) {
         b = fgetc(fptr);
         if (b < 0) {
           run = 0;
         } else {
           table[b] = i;
         }
       }
     }
   }
 }
