DragonFlyBSD bugtracker (https://bugs.dragonflybsd.org/)
DragonFlyBSD - Bug #600: /sys/libkern/karc4random
https://bugs.dragonflybsd.org/issues/600?journal_id=2496 (2007-04-12T04:47:02Z, dillon)
<p>:What is the point of keeping/using the in-kernel arc4<br />:random number generator when you already have a very<br />:good/superior IBAA/L15 random number generator.<br />:<br />:If you need a u_int32_t quantity then simply add a<br />:function to /sys/kern/kern_nrandom.c to produce a<br />:u_int32_t.</p>
<pre><code>There are numerous references still around, many of which can<br /> probably be switched to the new in-kernel ABI trivially and<br /> some of which probably need a bit of review first. It is not<br /> on my priority list but if someone wants to start submitting<br /> tested patches I am certainly happy to commit them!</code></pre>
<pre><code>-Matt</code></pre>
https://bugs.dragonflybsd.org/issues/600?journal_id=7852 (2009-11-27T23:16:17Z, alexh)
<p>Why can't all the references to karc4rand/karc4random just be switched over to <br />use kern_nrandom family?</p>
<p>Cheers,<br />Alex Hornung</p>
https://bugs.dragonflybsd.org/issues/600?journal_id=12500 (2015-01-19T11:07:10Z, profmakx, markus.pfeiffer@morphism.de)
<ul><li><strong>Description</strong> updated (<a title="View differences" href="/journals/12500/diff?detail_id=2271">diff</a>)</li><li><strong>Assignee</strong> changed from <i>0</i> to <i>profmakx</i></li></ul><p>From a recent conversation with alexh on IRC. I'll assign this to myself and have a look.</p>
<p>13:18 <@ profmakx> alexh, you think we should use Chacha for (k)arc4random?<br />
13:36 <@ alexh> well, yes, arc4, but the entropy isn't from arc4<br />
13:36 <@ alexh> :)<br />
13:37 <@ alexh> so just wondering where it gets the entropy form<br />
13:37 <@ alexh> from<br />
13:37 <@ profmakx> the entropy comes from read_random_unlimited<br />
13:37 <@ profmakx> and hence from whatever is set in randmode<br />
13:37 <@ alexh> and that one uses what?<br />
13:37 <@ alexh> hm<br />
13:37 <@ alexh> does it?<br />
13:37 <@ alexh> ok<br />
13:37 <@ profmakx> per default mixed ibaa & csprng<br />
13:38 <@ alexh> hm no<br />
13:38 <@ alexh> seems to use IBAA only<br />
13:38 <@ alexh> afaict<br />
13:38 <@ profmakx> how do you tell?<br />
13:39 <@ alexh> 609 ((u_char *)buf)[i] = IBAA_Byte();<br />
13:39 <@ alexh> that is,<br />
13:39 <@ profmakx> oh there<br />
13:39 <@ profmakx> urgh<br />
13:39 <@ alexh> that should probably use the csprng, or the usual mix<br />
13:40 <@ alexh> although<br />
13:40 <@ alexh> I think the reason I didn't change it is because urandom uses that<br />
13:41 <@ alexh> for urandom, IBAA only is fine<br />
13:41 <@ alexh> it'd probably be a good idea to split that out<br />
13:41 <@ alexh> make a read_random_unlimited_cheap and read_random_unlimited<br />
13:41 <@ profmakx> right<br />
13:41 <@ alexh> use read_random_unlimited_cheap where proper randomness doesn't matter, e.g. urandom<br />
13:42 <@ alexh> and use read_random_unlimited elsewhere, in the kernel, where it does matter<br />
13:43 <@ alexh> not necessarily everywhere in the kernel<br />
13:43 <@ profmakx> i just read that openbsd/netbsd use chacha for arc4random now<br />
13:43 <@ alexh> just where it's used for some cryptographic purpose<br />
13:43 <@ alexh> I mean, you can use tie it in directly into read_random_unlimited<br />
13:43 <@ alexh> and remove the whole arc4random indirection<br />
13:44 <@ alexh> but you'll still have to split out read_random_unlimited{,_cheap}<br />
13:45 <@ profmakx> ChaCha20 is also used for random number generator arc4random in OpenBSD, NetBSD and Dragonfly BSD operating systems, instead of "broken" RC4<br />
13:45 <@ profmakx> hurr<br />
13:45 <@ profmakx> factually wrong wikipedia articles for teh win<br />
13:46 <@ profmakx> mhm the userspace arc4random does use /dev/random</p>