[DragonFlyBSD - Bug #2601] IBAA and /dev/random

2013-12-17 Thread bugtracker-admin

Issue #2601 has been updated by tuxillo.


Hi Robin,

Is this directed to me for some specific reason? I don't remember why.
Thanks for refreshing my memory :)

Cheers,
Antonio Huete


Bug #2601: IBAA and /dev/random
http://bugs.dragonflybsd.org/issues/2601#change-11673

* Author: robin.carey1
* Status: New
* Priority: Normal
* Assignee: 
* Category: 
* Target version: 

Dear DragonFlyBSD bugs,

With regard to DragonFlyBSD IBAA /dev/random implementation:

I noticed that Dragonfly bypasses IBAA's weak initial states (twice) by
warming up the CSPRNG in:

1) rand_initialize()

and

2) add_buffer_randomness()

I am referring to the Kernel file: /sys/kern/kern_nrandom.c

--

I realized that this probably/might solve the problem (of IBAA's weak
initial states, which leak the internal state) - but in my opinion does not
100%/definitely solve that problem.

I would like to point out that there is, in my opinion, a guaranteed way to
solve the above problem - and, which also eliminates the above code
duplication (two instances), to one instance.

Also, in my opinion using the new method I am suggesting might also
improve the quality of randomness output, by smoothing out the
internal state, i.e. if there is a non-uniform or jaggedy
internal-state/memory.

--

The new method:

In the read_random() function:

Warm up the CSPRNG (IBAA) before producing any output. When I say
warm up, I mean calling IBAA_Call() 10 times, e.g.:

/*
 * Warm up the generator to get rid of weak initial states.
 */
for (i = 0; i < 10; ++i)
        IBAA_Call();

--

If there are any questions, I am happy to discuss this by E-mail.

Thanks !



-- 
Sincerely,

Robin Carey BSc


-- 
You have received this notification because you have either subscribed to it, 
or are involved in it.
To change your notification preferences, please click here: 
http://bugs.dragonflybsd.org/my/account
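
The weak-initial-state behaviour the report describes, as an added example (not DragonFly's kernel code and not part of the original message). The round follows Bob Jenkins' published IBAA reference; `struct ibaa`, `ibaa_batch()` (standing in for one `IBAA_Call()`), `seed_sparse()` and `zero_words_after()` are hypothetical names, and the sparse and all-zero states are constructed. It compares the first output batch with the batch after 10 discarded batches, and shows that an all-zero state is a fixed point that no number of warm-up batches changes.

```c
#include <stdint.h>
#include <stdio.h>

#define ALPHA 8
#define SIZE  (1u << ALPHA)
#define IND(x)    ((x) & (SIZE - 1))
#define BARREL(a) (((a) << 19) ^ ((a) >> 13))
struct ibaa { uint32_t m[SIZE], r[SIZE], a, b; };

/* One batch of SIZE results: the role IBAA_Call() plays in the report. */
static void ibaa_batch(struct ibaa *s)
{
    uint32_t a = s->a, b = s->b, x, y, i;
    for (i = 0; i < SIZE; ++i) {
        x = s->m[i];
        a = BARREL(a) + s->m[IND(i + SIZE / 2)];
        s->m[i] = y = s->m[IND(x)] + a + b;
        s->r[i] = b = s->m[IND(y >> ALPHA)] + x;
    }
    s->a = a; s->b = b;
}

/* Constructed weak state: every word zero except m[0] = seed. */
static void seed_sparse(struct ibaa *s, uint32_t seed)
{
    *s = (struct ibaa){0};
    s->m[0] = seed;
}

/* Discard `warmup` batches, then count zero words in the next batch. */
static unsigned zero_words_after(struct ibaa *s, int warmup)
{
    unsigned n = 0;
    for (int k = 0; k <= warmup; ++k)
        ibaa_batch(s);
    for (unsigned i = 0; i < SIZE; ++i)
        n += (s->r[i] == 0);
    return n;
}

int main(void)
{
    struct ibaa s;
    for (int w = 0; w <= 10; w += 10) {
        seed_sparse(&s, 1);
        printf("sparse seed, warm-up %2d: %u zero words\n", w, zero_words_after(&s, w));
    }
    seed_sparse(&s, 0); /* all-zero state: fixed point of the round */
    printf("zero seed,   warm-up 10: %u zero words\n", zero_words_after(&s, 10));
}
```

With the sparse seed and no warm-up, the first result word equals the seed word itself, which is the state leak the report refers to.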


[DragonFlyBSD - Bug #2601] IBAA and /dev/random

2013-12-17 Thread bugtracker-admin

Issue #2601 has been updated by robin.carey1.


Hi Antonio,

I tried to reply to bugtracker-ad...@leaf.dragonflybsd.org, because that
was who/what sent the Reply/Response to my original bug-submission. And I
seem to remember your name cropped up somewhere. So I assumed it was you I
was replying to. Maybe you are responsible for the bugtracker-admin account?

In any case, the reply to bugtracker-admin never went through, so I
forwarded my response to bugs@dragonflybsd.org (which seemed to work).

While I'm here: Happy Christmas to you all (and hopefully a good New Year
!!!) !


-- 
Sincerely,

Robin Carey BSc


Bug #2601: IBAA and /dev/random
http://bugs.dragonflybsd.org/issues/2601#change-11674
