Issue #2601 has been updated by dillon.

Status changed from New to Closed
% Done changed from 0 to 100

Closing. Made modifications as requested and also adjusted /dev/urandom and the sysctl random to use IBAA (which is what /dev/random uses), so they all use IBAA now and nothing uses L15. These changes will make it into the 3.8.1 roll on Monday June 16th 2014.

In the near future we will run with two independent algorithms and xor their streams together. We are discussing this now. 3.8.1 will likely roll with just IBAA, but if we get the second algorithm in place in the next few weeks we will MFC it to the release branch.

-Matt

----------------------------------------
Bug #2601: IBAA and /dev/random
http://bugs.dragonflybsd.org/issues/2601#change-12080

* Author: robin.carey1
* Status: Closed
* Priority: Normal
* Assignee:
* Category:
* Target version:
----------------------------------------

Dear DragonFlyBSD bugs,

With regard to the DragonFlyBSD IBAA & /dev/random implementation:

I noticed that DragonFly bypasses IBAA's weak initial states (twice) by "warming up" the CSPRNG in:

1) rand_initialize() and
2) add_buffer_randomness()

I am referring to the kernel file: /sys/kern/kern_nrandom.c

----------

I realized that this "probably/might" solve the problem (of IBAA's weak initial states, which leak the internal state) - but in my opinion does not 100%/definitely solve that problem.

I would like to point out that there is, in my opinion, a guaranteed way to solve the above problem - and which also eliminates the above code duplication, reducing two instances to one.

Also, in my opinion, using the new method I am suggesting might also improve the quality of the randomness output, by "smoothing out" the internal state, i.e. if there is a non-uniform or "jaggedy" internal state/memory.

--------------

The new method:

In the "read_random()" function: Warm up the CSPRNG (IBAA) before producing any output.

When I say "warm up", I mean calling IBAA_Call() 10 times, e.g.:

	/*
	 * Warm up the generator to get rid of weak initial states.
	 */
	for (i = 0; i < 10; ++i)
		IBAA_Call();

--------------

If there are any questions, I am happy to discuss this by E-mail.

Thanks !

--
Sincerely,
Robin Carey BSc
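A user-space sketch of the structure the report proposes, added here as an illustration and not taken from DragonFly's kern_nrandom.c: one warm-up site inside read_random() that discards the first 10 outputs before any are handed out, and, following the closing comment, two independently seeded generators whose streams are xor'ed together. The generator is a constructed toy, not IBAA, and the names toy_gen, toy_call, toy_seed, toy_warmup, read_random_xor and demo_check, as well as the seed bytes, are all made up for this example; it shows the control flow, not anything about IBAA's output quality.

```c
/*
 * Added example, not DragonFly kernel code: "warm up once, in read_random()"
 * plus xor-combining two independent streams. The generator is a toy.
 */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define WARMUP_ROUNDS 10   /* outputs to discard, as in the report */
#define TOY_SIZE 16        /* toy state table size (IBAA's is larger) */

struct toy_gen {
	uint32_t m[TOY_SIZE];   /* internal state table */
	uint32_t a, b;          /* running accumulators */
	unsigned idx;           /* next table slot to mix */
	int warmed;             /* set once read_random() has warmed this generator */
	unsigned warmup_calls;  /* bookkeeping for the demo: how often warm-up ran */
};

/* One toy step. Early outputs are dominated by the seed words copied into
 * m[], which is the kind of weak-initial-state leak a warm-up is meant to
 * remove. Constructed mixing, not IBAA's. */
static uint32_t toy_call(struct toy_gen *g)
{
	uint32_t x = g->m[g->idx];
	g->a = ((g->a << 19) ^ (g->a >> 13)) + g->m[(g->idx + TOY_SIZE / 2) % TOY_SIZE];
	g->m[g->idx] = g->m[x % TOY_SIZE] + g->a + g->b;
	g->b = g->m[(g->m[g->idx] >> 4) % TOY_SIZE] + x;
	g->idx = (g->idx + 1) % TOY_SIZE;
	return g->b;
}

/* Load seed bytes into the table; leaves the generator un-warmed. */
static void toy_seed(struct toy_gen *g, const uint8_t *seed, size_t len)
{
	memset(g, 0, sizeof(*g));
	for (size_t i = 0; i < len; i++)
		g->m[i % TOY_SIZE] = (g->m[i % TOY_SIZE] << 8) | seed[i];
}

/* The single warm-up site: discard WARMUP_ROUNDS outputs. */
static void toy_warmup(struct toy_gen *g)
{
	for (int i = 0; i < WARMUP_ROUNDS; i++)
		(void)toy_call(g);
	g->warmed = 1;
	g->warmup_calls++;
}

/* read_random(): warm up exactly once, then produce n words. */
static size_t read_random(struct toy_gen *g, uint32_t *out, size_t n)
{
	if (!g->warmed)
		toy_warmup(g);
	for (size_t i = 0; i < n; i++)
		out[i] = toy_call(g);
	return n;
}

/* Two independently seeded generators, streams xor'ed word by word. */
static size_t read_random_xor(struct toy_gen *g1, struct toy_gen *g2,
			      uint32_t *out, size_t n)
{
	for (size_t i = 0; i < n; i++) {
		uint32_t w1, w2;
		read_random(g1, &w1, 1);
		read_random(g2, &w2, 1);
		out[i] = w1 ^ w2;
	}
	return n;
}

/* Returns 1 when the warm-up contract holds: the first word read_random()
 * returns is the (WARMUP_ROUNDS + 1)-th raw output, and warm-up runs once. */
static int demo_check(void)
{
	static const uint8_t seed1[] = "constructed seed one";  /* constructed */
	static const uint8_t seed2[] = "constructed seed two";  /* constructed */
	struct toy_gen g1, g2, raw;
	uint32_t out[4], expect = 0;

	toy_seed(&g1, seed1, sizeof(seed1) - 1);
	toy_seed(&g2, seed2, sizeof(seed2) - 1);

	raw = g1;   /* step a copy by hand to know what read_random() must return */
	for (int i = 0; i < WARMUP_ROUNDS + 1; i++)
		expect = toy_call(&raw);

	if (read_random(&g1, out, 4) != 4 || out[0] != expect)
		return 0;
	if (read_random(&g1, out, 4) != 4 || g1.warmup_calls != 1)
		return 0;   /* a second read must not warm up again */
	if (read_random_xor(&g1, &g2, out, 4) != 4 || g2.warmup_calls != 1)
		return 0;   /* the combiner warms each generator exactly once */
	return 1;
}

int main(void)
{
	printf("warm-up contract holds: %s\n", demo_check() ? "yes" : "no");
	return 0;
}
```

The point of the layout is that every output path goes through read_random(), so the warm-up cannot be forgotten at a second or third call site; the xor combiner reuses the same entry point for each generator, so it inherits the guarantee without its own warm-up code.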