[DragonFlyBSD - Bug #600] /sys/libkern/karc4random

bugtracker-admin at leaf.dragonflybsd.org bugtracker-admin at leaf.dragonflybsd.org
Mon Jan 19 03:07:10 PST 2015


Issue #600 has been updated by profmakx.

Description updated
Assignee changed from 0 to profmakx

>From a recent conversation with alexh on IRC. I'll assign this to myself and have a look.

13:18 <@ profmakx> alexh, you think we should use Chacha for (k)arc4random?
13:36 <@    alexh> well, yes, arc4, but the entropy isn't from arc4
13:36 <@    alexh> :)
13:37 <@    alexh> so just wondering where it gets the entropy form
13:37 <@    alexh> from
13:37 <@ profmakx> the entropy comes from read_random_unlimited
13:37 <@ profmakx> and hence from whatever is siet in randmode
13:37 <@    alexh> and that one uses what?
13:37 <@    alexh> hm
13:37 <@    alexh> does it?
13:37 <@    alexh> ok
13:37 <@ profmakx> per default mixed ibaa & csprng
13:38 <@    alexh> hm no
13:38 <@    alexh> seems to use IBAA only
13:38 <@    alexh> afaict
13:38 <@ profmakx> how do you tell?
13:39 <@    alexh> 609((u_char *)buf)[i] = IBAA_Byte();
13:39 <@    alexh> that is,
13:39 <@ profmakx> oh there
13:39 <@ profmakx> urgh
13:39 <@    alexh> that should probably use the csprng, or the usual mix
13:40 <@    alexh> although
13:40 <@    alexh> I think the reason I didn't change it is because urandom uses that
13:41 <@    alexh> for urandom, IBAA only is fine
13:41 <@    alexh> it'd probably be a good idea to split that out
13:41 <@    alexh> make a read_random_unlimited_cheap and read_random_unlimited
13:41 <@ profmakx> right
13:41 <@    alexh> use read_random_unlimited_cheap where proper randomness doesn't matter, e.g. urandom
13:42 <@    alexh> and use read_random_unlimited elsewhere, in the kernel, where it does matter
13:43 <@    alexh> not necessarily everywhere in the kernel
13:43 <@ profmakx> i just read that openbsd/netbsd use chacha for arc4random now
13:43 <@    alexh> just where it's used for some cryptographic purpose
13:43 <@    alexh> I mean, you can use tie it in directly into read_random_unlimited
13:43 <@    alexh> and remove the whole arc4random indirection
13:44 <@    alexh> but you'll still have to split out read_random_unlimited{,_cheap}  
13:45 <@ profmakx> ChaCha20 is also used for random number generator arc4random in OpenBSD, NetBSD and Dragonfly BSD operating systems, instead of "broken" RC4
13:45 <@ profmakx> hurr
13:45 <@ profmakx> factually wrong wikipedia articles for teh win
13:46 <@ profmakx> mhm the userspace arc4random does use /dev/random





----------------------------------------
Bug #600: /sys/libkern/karc4random
http://bugs.dragonflybsd.org/issues/600#change-12500

* Author: robin_carey5
* Status: New
* Priority: Low
* Assignee: profmakx
* Category: 
* Target version: 
----------------------------------------
What is the point of keeping/using the in-kernel arc4
random number generator when you already have a very
good/superior IBAA/L15 random number generator.

If you need a u_int32_t quantity then simply add a
function to /sys/kern/kern_nrandom.c to produce a
u_int32_t.

--

Some issues with /sys/libkern/karc4random.c :

(a) If you intend to keep /sys/libkern/karc4random.c I
recommend you make a modification to it to improve
performance: Every time the karc4_random() function is
called it calls getmicrotime(), to check the time, and
it also checks the number of runs made, to see if it
should reseed itself. You can make a big performance
improvement by removing this call to getmicrotime()
and instead simply checking the number of runs to
determine when it should reseed itself.

(b) The karc4random.c file uses u_int8_t types for
arc4_i, arc4_j and arc4_t so there is no need for the
% 256 operation - another performance improvement.

(c) In arc4_init() you are throwing away 256*4 bytes
of output, when you only need to throw away the first
256 bytes of output.

Sincerely,
R Carey.

      ___________________________________________________________
Yahoo! Answers - Got a question? Someone out there knows the answer. Try it
now.
http://uk.answers.yahoo.com/



-- 
You have received this notification because you have either subscribed to it, or are involved in it.
To change your notification preferences, please click here: http://bugs.dragonflybsd.org/my/account



More information about the Bugs mailing list