tech-crypto archive


Re: randomness (crypto?) code example wanted please?



On 25/06/2017 15:19, Robert Elz wrote:
     Date:        Sun, 25 Jun 2017 13:53:02 +0200
     From:        Kamil Rytarowski <n54%gmx.com@localhost>
     Message-ID:  <93fba221-3f6c-07be-8dc8-efd744c83786%gmx.com@localhost>

   | There is a libc function for this kind of tasks: arc4random_uniform(3).

Sorry, I had missed this message when I replied to Martin's (I did see
your later message).

It looks (from the man page) as if that function fails the "must be able
to generate the same sequence over and over again" requirement of $RANDOM.

If there is some way to prevent the ...

	arc4random() seeds itself on a regular basis from
	the kernel strong random number subsystem described in rnd(4).

mechanism, and set an initial seed, and just generate based upon that
rather than a true randomness source, I don't see it.

There isn't .... at least not in NetBSD.


   | I was evaluating at some point whether this could be done differently,
   | with a dedicated userland random(1) program,

That could be done too. sh's $RANDOM is not really intended for
anything of crypto strength I don't think. I suspect half the
implementations just return rand(3) results (ie: garbage).

dhcpcd's implementation of IPv4LL has the same limitation, so I use random() there and arc4random/arc4random_uniform everywhere else.
https://dev.marples.name/source/dhcpcd/browse/master/src/ipv4ll.c;0d7318eaf52e59fdcff6c472ef8adafd5dbf2069$70

However, I do seed off the interface's hardware address to avoid random clashes of IPv4LL addresses.
https://dev.marples.name/source/dhcpcd/browse/master/src/ipv4ll.c;0d7318eaf52e59fdcff6c472ef8adafd5dbf2069$359

Roy
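The seeding approach Roy describes, as an added illustration that is neither dhcpcd's code nor part of the original message: a random()/srandom() sequence seeded from a constructed sample MAC yields the same IPv4LL candidate addresses on every run, which arc4random_uniform(3) cannot provide because it re-seeds itself from rnd(4). The helper names ipv4ll_seed, ipv4ll_candidate and ipv4ll_in_range are hypothetical.

```c
#define _DEFAULT_SOURCE 1   /* glibc: expose random()/srandom() under strict -std */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed sample hardware address (not a real interface). */
const uint8_t kSampleMac[6] = { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55 };

/* Fold the 6-byte MAC into a 32-bit seed (hypothetical helper, not dhcpcd's). */
static unsigned int ipv4ll_seed(const uint8_t mac[6])
{
    unsigned int seed = 0;
    for (int i = 0; i < 6; i++)
        seed = seed * 31u + mac[i];
    return seed;
}

/* 1 if addr (host order) lies in the usable IPv4LL range 169.254.1.0 - 169.254.254.255. */
int ipv4ll_in_range(uint32_t addr)
{
    return addr >= 0xA9FE0100u && addr <= 0xA9FEFEFFu;
}

/* n-th candidate IPv4LL address for this MAC, in host byte order.
 * Re-seeding before walking the sequence is what makes the candidate list
 * reproducible across restarts, so a host tends to reclaim the address it
 * used before instead of colliding with a neighbour at random.
 * random() % N carries a small modulo bias; arc4random_uniform() avoids that
 * but, as the thread notes, cannot be given a fixed seed. */
uint32_t ipv4ll_candidate(const uint8_t mac[6], unsigned int n)
{
    srandom(ipv4ll_seed(mac));
    uint32_t addr = 0;
    for (unsigned int i = 0; i <= n; i++) {
        uint32_t off = (uint32_t)(random() % (254u * 256u)); /* 254 * 256 usable hosts */
        addr = 0xA9FE0100u + off;                            /* 169.254.1.0 + offset */
    }
    return addr;
}

int main(void)
{
    for (unsigned int n = 0; n < 3; n++) {
        uint32_t a = ipv4ll_candidate(kSampleMac, n);
        printf("candidate %u: %u.%u.%u.%u\n", n,
               a >> 24, (a >> 16) & 0xffu, (a >> 8) & 0xffu, a & 0xffu);
    }
    return 0;
}
```

Running the program twice prints the same three candidates, which is exactly the property $RANDOM needs and arc4random(3) lacks.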

