[DragonFlyBSD - Bug #2601] (Closed) IBAA and /dev/random

bugtracker-admin at leaf.dragonflybsd.org bugtracker-admin at leaf.dragonflybsd.org
Thu Jun 12 22:10:29 PDT 2014

Issue #2601 has been updated by dillon.

Status changed from New to Closed
% Done changed from 0 to 100

Closing.  Made modifications as requested and also adjusted /dev/urandom and the sysctl random to use IBAA (which is what /dev/random uses), so they all use IBAA now and nothing uses L15.  These changes will make it into the 3.8.1 roll on Monday June 16th 2014.

In the near future we will run with two independent algorithms and xor their streams together.  We are discussing this now.  3.8.1 will likely roll with just IBAA but if we get the second algorithm in place in the next few weeks we will MFC it to the release branch.


Bug #2601: IBAA and /dev/random

* Author: robin.carey1
* Status: Closed
* Priority: Normal
* Assignee: 
* Category: 
* Target version: 
Dear DragonFlyBSD bugs,

With regard to DragonFlyBSD IBAA & /dev/random implementation:

I noticed that Dragonfly bypasses IBAAs weak initial states (twice) by
"warming up" the CSPRNG in:

1) rand_initialize()


2) add_buffer_randomness()
I am referring to the Kernel file: /sys/kern/kern_nrandom.c


I realized that this "probably/might" solve the problem (of IBAAs weak
initial states, which leak the internal state) - but in my opinion does not
100%/definitely solve that problem.

I would like to point out that there is, in my opinion, a guaranteed way to
solve the above problem - and, which also eliminates the above code
duplication (two instances), to one instance.

Also, in my opinion using the new method I am suggesting might also
improve the quality of randomness output, by "smoothing out" the
internal state, i.e. if there is a non-uniform or "jaggedy"


The new method:

In the "read_random()" function:

Warm up the CSPRNG (IBAA) before producing any output. When I say
"warm up", I mean calling IBAA_Call() 10 times, e.g.:

 * Warm up the generator to get rid of weak initial states.
for (i = 0; i < 10; ++i)


If there are any questions, I am happy to discuss this by E-mail.

Thanks !


Robin Carey BSc

You have received this notification because you have either subscribed to it, or are involved in it.
To change your notification preferences, please click here: http://bugs.dragonflybsd.org/my/account

More information about the Bugs mailing list