cvs commit: src/sys/libkern arc4random.c

Poul-Henning Kamp phk at phk.freebsd.dk
Fri Aug 15 13:06:44 PDT 2003


In message <200308151959.h7FJxBOI004295 at grimreaper.grondar.org>, Mark Murray writes:
>Sam Leffler writes:
>> > For the paranoids, this is cheap (almost free), and is solid from an
>> > arcfour-neurotic perspective.
>> 
>> I am not arguing for Mike to remove his change.  I am noting that making 
>> changes to critical system components w/o review and/or testing is 
>> dangerous.  Going forward we should have some tools for validating changes 
>> like this.  If the output of arc4random is available through a sysctl or 
>> similar then it could be a tool that sits in /usr/src/tools/tools. 
>> Otherwise it would be good to create a test module or similar to shunt 
>> arc4random data through rndtest.
>
>Tools can't test what we need tested here. Tools can test for varying
>degrees of statistical randomness, but _cryptographic_ randomness
>(which equates to "unpredictable by an observer") is harder. The
>best we can really do is attack it using cryptographic methodology,
>which at its lowest level is code review.

While that is true, it has also been shown that the errors most
likely to be missed by code reviews often make themselves obvious
in the distorted functioning of the code (i.e. an extra ';' after "if"
and similar).

So having a randomness regression test sounds like a good complement 
to reviews to me.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.
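As an added example (not code from the FreeBSD tree or from anyone in this thread): a minimal RC4 keystream generator of the kind arc4random is built on, with FIPS 140-2 style monobit, poker and long-run checks of the sort a regression test could run over its output. The `broken` flag, the fixed key and the sample size are assumptions of this example; `broken` is a constructed defect that skips the state advance, standing in for the kind of slip a code review can miss.

```c
#include <stddef.h>
#include <stdint.h>
/* Minimal RC4 keystream generator standing in for the arc4random core
 * (constructed example, not the libkern code). */
struct arc4 { uint8_t s[256], i, j; };

static void arc4_init(struct arc4 *st, const uint8_t *key, size_t klen) {
    int n; uint8_t j = 0, t;
    for (n = 0; n < 256; n++) st->s[n] = (uint8_t)n;
    for (n = 0; n < 256; n++) {                 /* key scheduling */
        j += st->s[n] + key[n % klen];
        t = st->s[n]; st->s[n] = st->s[j]; st->s[j] = t;
    }
    st->i = st->j = 0;
}
/* 'broken' is a constructed defect: the state advance is skipped, much as
 * a stray ';' after an 'if' would do, and the output degenerates. */
static uint8_t arc4_next(struct arc4 *st, int broken) {
    uint8_t t;
    if (!broken) { st->i++; st->j += st->s[st->i]; }
    t = st->s[st->i]; st->s[st->i] = st->s[st->j]; st->s[st->j] = t;
    return st->s[(uint8_t)(st->s[st->i] + st->s[st->j])];
}
/* FIPS 140-2 style monobit/poker/long-run tests over 20000 bits -> failure
 * bitmask (1 monobit, 2 poker, 4 long run).  A pass rules out gross distortion only. */
static int rnd_check(const uint8_t buf[2500]) {
    int ones = 0, longest = 0, run = 0, last = -1, k, fail = 0; long f[16] = {0}; double x = 0;
    for (k = 0; k < 20000; k++) {
        int b = (buf[k / 8] >> (k % 8)) & 1;
        ones += b; run = (b == last) ? run + 1 : 1; last = b;
        if (run > longest) longest = run;
    }
    for (k = 0; k < 2500; k++) { f[buf[k] & 15]++; f[buf[k] >> 4]++; }
    for (k = 0; k < 16; k++) x += (double)f[k] * f[k];
    x = x * 16.0 / 5000.0 - 5000.0;
    if (ones <= 9725 || ones >= 10275) fail |= 1;
    if (x <= 2.16 || x >= 46.17) fail |= 2;
    if (longest >= 26) fail |= 4;
    return fail;
}
/* 2500 bytes under a constructed fixed key; the known RC4 answer for key
 * "Key" (EB 9F 77 81 ...) guards the generator itself (-1 = generator wrong). */
static int arc4_regress(int broken) {
    static const uint8_t want[4] = { 0xEB, 0x9F, 0x77, 0x81 };
    struct arc4 st; uint8_t buf[2500]; int k;
    arc4_init(&st, (const uint8_t *)"Key", 3);
    for (k = 0; k < 2500; k++) buf[k] = arc4_next(&st, broken);
    for (k = 0; k < 4 && !broken; k++) if (buf[k] != want[k]) return -1;
    return rnd_check(buf);
}
```

The degenerate stream from the constructed defect fails the poker test even where the monobit count happens to look fine, which is the "distorted functioning" a regression test can catch; a pass, on the other hand, says nothing about unpredictability, since the fixed-key stream here passes yet is reproducible by anyone holding the key.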