cvs commit: src/sys/libkern arc4random.c

Mark Murray mark at grondar.org
Fri Aug 15 12:59:39 PDT 2003


Sam Leffler writes:
> > For the paranoids, this is cheap (almost free), and is solid from a
> > arcfour-neurotic perspective.
> 
> I am not arguing for Mike to remove his change.  I am noting that making 
> changes to critical system components w/o review and/or testing is 
> dangerous.  Going forward we should have some tools for validating changes 
> like this.  If the output of arc4random is available through a sysctl or 
> similar then it could be a tool that sits in /usr/src/tools/tools. 
> Otherwise it would be good to create a test module or similar to shunt 
> arc4random data through rndtest.

Tools can't test what we need tested here. Tools can test for varying
degrees of statistical randomness, but _cryptographic_ randomness
(which equates to "unpredictable by an observer") is harder. The
best we can really do is attack it using cryptographic methodology,
which at its lowest level is code review.

At that level, I have looked at the code, and plan to look at it some
more.

M
--
Mark Murray
iumop ap!sdn w,I idlaH
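
Added example (not part of the original message and not FreeBSD code): a sketch of the distinction drawn above, in which a textbook RC4 stream keyed with a constant passes statistical tests yet is fully predictable to an observer who knows the key. The fixed key, the function names, and the use of the FIPS 140-2 monobit and poker tests as a stand-in for a statistical tool are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define NBYTES 2500 /* 20000 bits, the FIPS 140-2 sample size */
/* Textbook RC4 (arcfour) keystream; an illustration, not arc4random.c. */
static void rc4_stream(const uint8_t *key, size_t klen, uint8_t *out, size_t n) {
    uint8_t s[256], i = 0, j = 0, t;
    for (int k = 0; k < 256; k++) s[k] = (uint8_t)k;
    for (int k = 0; k < 256; k++) { /* key schedule */
        j = (uint8_t)(j + s[k] + key[(size_t)k % klen]);
        t = s[k]; s[k] = s[j]; s[j] = t;
    }
    j = 0;
    for (size_t k = 0; k < n; k++) { /* output bytes */
        j = (uint8_t)(j + s[++i]);
        t = s[i]; s[i] = s[j]; s[j] = t;
        out[k] = s[(uint8_t)(s[i] + s[j])];
    }
}

/* Constructed defect: the generator is keyed with a constant anyone can read. */
static const uint8_t FIXED_KEY[] = "constructed-demo-key";
static void generate(uint8_t *out) {
    rc4_stream(FIXED_KEY, sizeof FIXED_KEY - 1, out, NBYTES);
}

/* What a tool can check: FIPS 140-2 monobit and poker tests on the output. */
static int statistical_tests_pass(const uint8_t *buf) {
    long ones = 0, f[16] = {0}, sum = 0;
    for (int n = 0; n < NBYTES; n++) {
        for (int b = 0; b < 8; b++) ones += (buf[n] >> b) & 1;
        f[buf[n] >> 4]++; f[buf[n] & 15]++;
    }
    for (int k = 0; k < 16; k++) sum += f[k] * f[k];
    double x = 16.0 / 5000.0 * (double)sum - 5000.0; /* poker statistic */
    return ones > 9725 && ones < 10275 && x > 2.16 && x < 46.17;
}

/* What a tool cannot see: an observer rebuilds the stream from the key. */
static int observer_predicts(const uint8_t *seen) {
    uint8_t guess[NBYTES];
    rc4_stream(FIXED_KEY, sizeof FIXED_KEY - 1, guess, NBYTES);
    return memcmp(seen, guess, NBYTES) == 0;
}
int main(void) {
    uint8_t out[NBYTES];
    generate(out);
    printf("stat: %d predictable: %d\n", statistical_tests_pass(out), observer_predicts(out));
    return 0;
}
```

Both checks return 1 for the same output: the statistical tests have nothing to say about how the generator was keyed, which only reading the code reveals.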
