[PATCH v3] Seed random generator in main()
Andrew Bartlett
abartlet at samba.org
Wed Jun 17 16:33:33 MDT 2015
On Thu, 2015-06-18 at 09:28 +1200, Douglas Bagnall wrote:
> hi Simo,
>
> On 18/06/15 04:11, Simo wrote:
> > > On BSDs I would consider the system arc4random functions in that
> > > league. At least that's what all the documentation suggests.
> > > Please
> > > correct me if I'm wrong.
> >
> > Well given that RC4 streams are not considered secure anymore in
> > the
> > context of TLS connections, I am not sure a PRNG based on RC4
> > should be.
>
> Don't be fooled by the name. The arc4random functions use ChaCha20 in
> Open- and Net- BSDs, and I think the other ones are coming round.
> (See e.g. http://bxr.su/NetBSD/lib/libc/gen/arc4random.c or
> https://en.wikipedia.org/wiki/Salsa20#ChaCha20_adoption).
Sadly the libbsd version must have been taken from an older BSD, and
uses RC4 in a way I'm not entirely comfortable with (no hashing of the
data after reading the stream), compared with what we do internally.
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Development and Support, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba-technical
mailing list