Re: Allegations regarding OpenBSD IPSEC

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Otto Moerbeek

Subject: Re: Allegations regarding OpenBSD IPSEC

Date: Wednesday, December 22, 2010 - 1:38 am

On Tue, Dec 21, 2010 at 07:45:09PM +0100, Kurt Knochner wrote:

quoted text> The in libc the rc4 state is only initialized once at the first call of
> arc4_stir() and then there are consecutive calls to arc4_addrandom() which
> is the equivalent of rc4_crypt(). So, there is a difference in the
> implementation. May this is just due to different authors.

There's also a different purpose. See below.

quoted text> 
> First question: Which one is the 'correct' implementation, as proposed in
> Applied Cryptography (hint in libc -> arc4random.c)?
> Second question: Does it matter if the implementation is different than the
> one in Applied Cryptography?

Applied Cryptography only has a sketch. Details have to be filled in.

In summary, the kernel arc4 is reseeded completely with bytes from the
entropy pool periodically, while the libc arc4 is seeded once with
bytes form the kernel arc4 at first use after process startup and then
stirred with a sequence of random bytes obtained from the kernel after
every x bytes produced. 

I can maybe guess why it is this way, but I'd like knowledgeable person to
comment on this.

Note that the userland arc4 IS reseeded after an exec and stirred
extra in the child on fork, probably to avoid leaking key state to new
processes.

	-Otto

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Re: Allegations regarding OpenBSD IPSEC, Kurt Knochner, (Tue Dec 21, 9:59 am)

Re: Allegations regarding OpenBSD IPSEC, Otto Moerbeek, (Tue Dec 21, 10:51 am)

Re: Allegations regarding OpenBSD IPSEC, Ted Unangst, (Tue Dec 21, 10:51 am)

Re: Allegations regarding OpenBSD IPSEC, Joachim Schipper, (Tue Dec 21, 11:21 am)

Re: Allegations regarding OpenBSD IPSEC, Kurt Knochner, (Tue Dec 21, 11:45 am)

Re: Allegations regarding OpenBSD IPSEC, Otto Moerbeek, (Tue Dec 21, 12:13 pm)

Re: Allegations regarding OpenBSD IPSEC, Kurt Knochner, (Tue Dec 21, 12:27 pm)

Re: Allegations regarding OpenBSD IPSEC, Kurt Knochner, (Tue Dec 21, 12:31 pm)

Re: Allegations regarding OpenBSD IPSEC, Kurt Knochner, (Tue Dec 21, 12:36 pm)

Re: Allegations regarding OpenBSD IPSEC, Otto Moerbeek, (Tue Dec 21, 12:37 pm)

Re: Allegations regarding OpenBSD IPSEC, Kurt Knochner, (Tue Dec 21, 12:54 pm)

Re: Allegations regarding OpenBSD IPSEC, Joachim Schipper, (Tue Dec 21, 1:04 pm)

Re: Allegations regarding OpenBSD IPSEC, Kjell Wooding, (Tue Dec 21, 1:24 pm)

Re: Improving early randomness (was: Allegations regarding ..., Joachim Schipper, (Tue Dec 21, 1:44 pm)

Re: Allegations regarding OpenBSD IPSEC, Ted Unangst, (Tue Dec 21, 2:00 pm)

Re: Allegations regarding OpenBSD IPSEC, Ted Unangst, (Tue Dec 21, 2:03 pm)

Re: Allegations regarding OpenBSD IPSEC, Kurt Knochner, (Tue Dec 21, 2:30 pm)

Re: Allegations regarding OpenBSD IPSEC, Jason Wright, (Tue Dec 21, 2:42 pm)

Re: Allegations regarding OpenBSD IPSEC, Ted Unangst, (Tue Dec 21, 2:54 pm)

Re: Allegations regarding OpenBSD IPSEC, Otto Moerbeek, (Tue Dec 21, 3:19 pm)

Re: Allegations regarding OpenBSD IPSEC, Kurt Knochner, (Tue Dec 21, 3:21 pm)

Re: Allegations regarding OpenBSD IPSEC, Otto Moerbeek, (Wed Dec 22, 1:38 am)


linux-kernel:
Paul Turner	[tg_shares_up rewrite v4 11/11] sched: update tg->shares after cpu.shares write
Mr. James W. Laferriere	Re: Linux 2.6.25-rc1 , syntax error near unexpected token `;'
Chuck Ebbert	Re: PCI: Unable to reserve mem region problem
Linus Torvalds	Linux 2.6.34-rc4
Mingming Cao	Re: [RFC 1/4] Large Blocksize support for Ext2/3/4
git:
Ralf Wildenhues	[PATCH] Fix typos in the documentation
Len Brown	Re: fatal: unable to create '.git/index': File exists
Adeodato	Bazaar's patience diff as GIT_EXTERNAL_DIFF
Denis Bueno	Git clone error
Johannes Schindelin	Re: [PATCH 2/4] Add functions get_relative_cwd() and is_inside_dir()
git-commits-head:
Linux Kernel Mailing List	ASoC: fix registration of the SoC card in the Freescale MPC8610 drivers
Linux Kernel Mailing List	drivers/acpi: use kasprintf
Linux Kernel Mailing List	nfsd41: sanity check client drc maxreqs
Linux Kernel Mailing List	bnx2x: Moving includes
Linux Kernel Mailing List	V4L/DVB: gspca - sonixj: Adjust minor values of sensor ov7630. - set the color ga...
openbsd-misc:
Sevan / Venture37	Re: This is what Linus Torvalds calls openBSD crowd
Netmaffia.hu	Tini Lányok AKCIÓBAN OTTHON
Sam Fourman Jr.	Re: Help with Altell PC6700
Siju George	This is what Linus Torvalds calls openBSD crowd
Darrin Chandler	Re: OT: Python (was Re: vi in /bin)
linux-netdev:
Kurt Van Dijck	Re: [PATCH net-next-2.6 1/2] can: add driver for Softing card
Eric Dumazet	Re: [PATCH net-next-2.6] net: Introduce skb_orphan_try()
Jamie Lokier	Re: POHMELFS high performance network filesystem. Transactions, failover, performa...
Jarek Poplawski	Re: socket api problem: can't bind an ipv6 socket to ::ffff:0.0.0.0
David Miller	Re: [PATCH v2] net: typos in comments in include/linux/igmp.h