Project

General

Profile

Actions

Bug #1689

closed

IBAA recommendation

Added by robin.carey1 about 14 years ago. Updated about 9 years ago.

Status:
Closed
Priority:
Low
Assignee:
-
Category:
Crypto
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:

Description

Dear DragonFlyBSD bugs.

DragonFly uses Bob Jenkins' IBAA CSPRNG for /dev/random.

I have been doing some work on this CSPRNG, which is available from:

http://www.leopard.uk.com/IBAA64

I have two recommendations to make with regard to the IBAA CSPRNG which is
used in DragonFly:

(1) Use my rounded up BETA=32/SHIFT=20 values as opposed to the original
SHIFT=19 value in the
original IBAA CSPRNG/algorithm (details available from above URL)

and

(2) Use a 32-bit counter. This is a minor modification, which gurantees no
bad states (an initial state of all zeroes
maps back to an internal state of all zeroes after 256 iterations), and
also guarantees a cycle length of at least
2^32. Details on how to implement the counter are available from the
above URL. It's a minor modification which
has minimal performance impact.
Also, a 64-bit version of IBAA is available from the above URL. Matthew
Dillon seemed to be interested in that, with
regard to the 64-bit x86-64 port of DragonFly (but I haven't heard back from
him about that).


Files

unnamed (1.4 KB) unnamed robin.carey1, 03/07/2010 06:42 PM
Actions #1

Updated by sjg almost 14 years ago

Is anyone who tracks bugs list/tracker qualified to comment on this?

Actions #2

Updated by dillon almost 14 years ago

:Samuel J. Greear <> added the comment:
:
:Is anyone who tracks bugs list/tracker qualified to comment on this?
:
:----------
:status: unread -> chatting

Yes we do want to make those changes as well as look into the
64-bit IBAA code. I haven't had time to do it myself so if
someone wants to take up either (or both) of these little projects
please do!
-Matt
Matthew Dillon
&lt;&gt;
Actions #3

Updated by dillon almost 14 years ago

:I have been doing some work on this CSPRNG, which is available from:
:
:http://www.leopard.uk.com/IBAA64
:
:I have two recommendations to make with regard to the IBAA CSPRNG which is
:used in DragonFly:
:
:(1) Use my rounded up BETA=32/SHIFT=20 values as opposed to the original
:SHIFT=19 value in the
:original IBAA CSPRNG/algorithm (details available from above URL)
:
:and
:
:(2) Use a 32-bit counter. This is a minor modification, which gurantees no
:bad states (an initial state of all zeroes
: maps back to an internal state of all zeroes after 256 iterations), and
:also guarantees a cycle length of at least
: 2^32. Details on how to implement the counter are available from the
:above URL. It's a minor modification which
: has minimal performance impact.
:Also, a 64-bit version of IBAA is available from the above URL. Matthew
:Dillon seemed to be interested in that, with
:regard to the 64-bit x86-64 port of DragonFly (but I haven't heard back from
:him about that).
:
:--
:Sincerely,
:Robin Carey

I see the shift in /usr/src/sys/kern/kern_nrandom.c, changing that
is easy. I don't know what the counter is though.
I'd like to have the 64-bit version in DFly but I don't have time to
port it myself.
-Matt
Actions #4

Updated by tuxillo about 9 years ago

  • Description updated (diff)
  • Category set to Crypto
  • Status changed from New to Feedback
  • Assignee deleted (0)
  • Priority changed from Normal to Low
  • Target version set to 4.2

Hi Alex,

Any opinion on this one?

Cheers,
Antonio Huete

Actions #5

Updated by alexh about 9 years ago

We should stay away from non-reviewed work in this area. Bob Jenkins' IBAA/ISAAC implementations have been used and reviewed a fair number of times, unlike rcarey's work.

The main reason we still have IBAA around is as a sort of safety net against any potential (implementation) bugs in the new CSPRNG. As such, it sounds like a pretty bad idea to try and tweak it like this.

IMO this should be closed, but I'll leave it up to you.

Actions #6

Updated by robin.carey1 about 9 years ago

Dear Antonio,

I believe the version of IBAA currently in the DragonFlyBSD tree was
updated to implement both of these adjustments/improvements.

Since DragonFlyBSD is now a 64-bit only O/S, you might want to consider
upgrading your 32-bit version of IBAA to 64-bit IBAA.

The 64-bit IBAA algorithm is available from my website:

http://www.leopard.uk.com/IBAA64

On 19 January 2015 at 13:59, <> wrote:

Issue #1689 has been updated by tuxillo.

Description updated
Category set to Crypto
Status changed from New to Feedback
Assignee deleted (0)
Priority changed from Normal to Low
Target version set to 4.2.x

Hi Alex,

Any opinion on this one?

Cheers,
Antonio Huete

----------------------------------------
Bug #1689: IBAA recommendation
http://bugs.dragonflybsd.org/issues/1689#change-12529

  • Author: robin.carey1
  • Status: Feedback
  • Priority: Low
  • Assignee:
  • Category: Crypto
  • Target version: 4.2.x
    ----------------------------------------
    Dear DragonFlyBSD bugs.

DragonFly uses Bob Jenkins' IBAA CSPRNG for /dev/random.

I have been doing some work on this CSPRNG, which is available from:

http://www.leopard.uk.com/IBAA64

I have two recommendations to make with regard to the IBAA CSPRNG which is
used in DragonFly:

(1) Use my rounded up BETA=32/SHIFT=20 values as opposed to the original
SHIFT=19 value in the
original IBAA CSPRNG/algorithm (details available from above URL)

and

(2) Use a 32-bit counter. This is a minor modification, which gurantees no
bad states (an initial state of all zeroes
maps back to an internal state of all zeroes after 256 iterations),
and
also guarantees a cycle length of at least
2^32. Details on how to implement the counter are available from the
above URL. It's a minor modification which
has minimal performance impact.
Also, a 64-bit version of IBAA is available from the above URL. Matthew
Dillon seemed to be interested in that, with
regard to the 64-bit x86-64 port of DragonFly (but I haven't heard back
from
him about that).

---Files--------------------------------
unnamed (1.4 KB)

--
You have received this notification because you have either subscribed to
it, or are involved in it.
To change your notification preferences, please click here:
http://bugs.dragonflybsd.org/my/account

--
Sincerely,

Robin Carey BSc

Actions #7

Updated by robin.carey1 about 9 years ago

Dear Alex,

You seem to be blissfully unaware that it already has "been tweaked" (to
use your wording).

On 19 January 2015 at 14:24, <> wrote:

Issue #1689 has been updated by alexh.

We should stay away from non-reviewed work in this area. Bob Jenkins'
IBAA/ISAAC implementations have been used and reviewed a fair number of
times, unlike rcarey's work.

The main reason we still have IBAA around is as a sort of safety net
against any potential (implementation) bugs in the new CSPRNG. As such, it
sounds like a pretty bad idea to try and tweak it like this.

IMO this should be closed, but I'll leave it up to you.

----------------------------------------
Bug #1689: IBAA recommendation
http://bugs.dragonflybsd.org/issues/1689#change-12535

  • Author: robin.carey1
  • Status: Feedback
  • Priority: Low
  • Assignee:
  • Category: Crypto
  • Target version: 4.2.x
    ----------------------------------------
    Dear DragonFlyBSD bugs.

DragonFly uses Bob Jenkins' IBAA CSPRNG for /dev/random.

I have been doing some work on this CSPRNG, which is available from:

http://www.leopard.uk.com/IBAA64

I have two recommendations to make with regard to the IBAA CSPRNG which is
used in DragonFly:

(1) Use my rounded up BETA=32/SHIFT=20 values as opposed to the original
SHIFT=19 value in the
original IBAA CSPRNG/algorithm (details available from above URL)

and

(2) Use a 32-bit counter. This is a minor modification, which gurantees no
bad states (an initial state of all zeroes
maps back to an internal state of all zeroes after 256 iterations),
and
also guarantees a cycle length of at least
2^32. Details on how to implement the counter are available from the
above URL. It's a minor modification which
has minimal performance impact.
Also, a 64-bit version of IBAA is available from the above URL. Matthew
Dillon seemed to be interested in that, with
regard to the 64-bit x86-64 port of DragonFly (but I haven't heard back
from
him about that).

---Files--------------------------------
unnamed (1.4 KB)

--
You have received this notification because you have either subscribed to
it, or are involved in it.
To change your notification preferences, please click here:
http://bugs.dragonflybsd.org/my/account

--
Sincerely,

Robin Carey BSc

Actions #8

Updated by robin.carey1 about 9 years ago

Dear Alex,

You keep referring to it (i.e. /dev/random) as a "CSPRNG"; that is
incorrect.

CSPRNG is an abbreviation for Cryptographically Secure Pseudo Random Number
Generator.

What /dev/random should be is a CSRNG (Cryptographically Secure Random
Number Generator) or CRNG (Cryptographic Random Number Generator).

On 19 January 2015 at 14:24, <> wrote:

Issue #1689 has been updated by alexh.

We should stay away from non-reviewed work in this area. Bob Jenkins'
IBAA/ISAAC implementations have been used and reviewed a fair number of
times, unlike rcarey's work.

The main reason we still have IBAA around is as a sort of safety net
against any potential (implementation) bugs in the new CSPRNG. As such, it
sounds like a pretty bad idea to try and tweak it like this.

IMO this should be closed, but I'll leave it up to you.

----------------------------------------
Bug #1689: IBAA recommendation
http://bugs.dragonflybsd.org/issues/1689#change-12535

  • Author: robin.carey1
  • Status: Feedback
  • Priority: Low
  • Assignee:
  • Category: Crypto
  • Target version: 4.2.x
    ----------------------------------------
    Dear DragonFlyBSD bugs.

DragonFly uses Bob Jenkins' IBAA CSPRNG for /dev/random.

I have been doing some work on this CSPRNG, which is available from:

http://www.leopard.uk.com/IBAA64

I have two recommendations to make with regard to the IBAA CSPRNG which is
used in DragonFly:

(1) Use my rounded up BETA=32/SHIFT=20 values as opposed to the original
SHIFT=19 value in the
original IBAA CSPRNG/algorithm (details available from above URL)

and

(2) Use a 32-bit counter. This is a minor modification, which gurantees no
bad states (an initial state of all zeroes
maps back to an internal state of all zeroes after 256 iterations),
and
also guarantees a cycle length of at least
2^32. Details on how to implement the counter are available from the
above URL. It's a minor modification which
has minimal performance impact.
Also, a 64-bit version of IBAA is available from the above URL. Matthew
Dillon seemed to be interested in that, with
regard to the 64-bit x86-64 port of DragonFly (but I haven't heard back
from
him about that).

---Files--------------------------------
unnamed (1.4 KB)

--
You have received this notification because you have either subscribed to
it, or are involved in it.
To change your notification preferences, please click here:
http://bugs.dragonflybsd.org/my/account

--
Sincerely,

Robin Carey BSc

Actions #9

Updated by alexh about 9 years ago

  • Status changed from Feedback to Closed

robin.carey1 wrote:

Dear Alex,

You keep referring to it (i.e. /dev/random) as a "CSPRNG"; that is
incorrect.

CSPRNG is an abbreviation for Cryptographically Secure Pseudo Random Number
Generator.

What /dev/random should be is a CSRNG (Cryptographically Secure Random
Number Generator) or CRNG (Cryptographic Random Number Generator).

Fortuna is a CSPRNG, which is what I'm referring to - its authors certainly say so :)

I'm not really going to be arguing with you about this. Whatever is implemented can stay implemented, and no, I'm not aware of every little bit that has or hasn't changed over the last 5 years.

I'm closing this.

Actions

Also available in: Atom PDF