bin/61126: libc arc4random does not discard first N words (libkern arc4random does)
Jeff Ito
jeffi at rcn.com
Fri Jan 9 07:10:36 PST 2004
>Number: 61126
>Category: bin
>Synopsis: libc arc4random does not discard first N words (libkern arc4random does)
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Jan 09 07:10:23 PST 2004
>Closed-Date:
>Last-Modified:
>Originator: Jeff Ito
>Release: CURRENT
>Organization:
>Environment:
N/A
>Description:
libc's arc4random does not discard the first N words as suggested in the Fluhrer, Mantin & Shamir paper, and as already implemented in libkern's arc4random.
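An added example (not part of this PR or of FreeBSD's libc) that makes the cost of skipping the discard measurable: a minimal RC4 with an optional drop of the first N keystream bytes, counting over many keys how often the second output byte is zero. Without the discard that byte is zero about twice as often as it should be (the Mantin-Shamir second-byte bias, a related weakness of RC4's initial keystream); after dropping 256 bytes the count falls back to the expected 1/256. Keys come from a constructed xorshift64 sequence with a fixed seed, so the run is deterministic.

```c
#include <stdint.h>
#include <stddef.h>

struct rc4 { uint8_t s[256]; uint8_t i, j; };

/* RC4 key-scheduling algorithm: permute S under the key. */
static void rc4_init(struct rc4 *st, const uint8_t *key, size_t keylen)
{
    unsigned n, j = 0;
    for (n = 0; n < 256; n++) st->s[n] = (uint8_t)n;
    for (n = 0; n < 256; n++) {
        uint8_t t = st->s[n];
        j = (j + t + key[n % keylen]) & 0xff;
        st->s[n] = st->s[j];
        st->s[j] = t;
    }
    st->i = st->j = 0;
}

/* One keystream byte (PRGA step); i and j wrap as uint8_t. */
static uint8_t rc4_byte(struct rc4 *st)
{
    uint8_t t;
    st->i++;
    st->j += st->s[st->i];
    t = st->s[st->i]; st->s[st->i] = st->s[st->j]; st->s[st->j] = t;
    return st->s[(uint8_t)(st->s[st->i] + st->s[st->j])];
}

/* Over `trials` constructed 16-byte keys, count how often the second
 * keystream byte emitted after `discard` leading bytes were thrown away
 * is zero.  Ideal is trials/256; with discard == 0 RC4 gives ~2x that. */
static unsigned count_zero_second_byte(unsigned trials, unsigned discard)
{
    uint64_t x = 0x9E3779B97F4A7C15ULL;      /* constructed xorshift64 seed */
    unsigned zeros = 0, t, k;
    for (t = 0; t < trials; t++) {
        uint8_t key[16];
        struct rc4 st;
        for (k = 0; k < sizeof key; k++) {
            x ^= x << 13; x ^= x >> 7; x ^= x << 17;
            key[k] = (uint8_t)x;
        }
        rc4_init(&st, key, sizeof key);
        for (k = 0; k < discard; k++) (void)rc4_byte(&st);
        (void)rc4_byte(&st);                  /* output byte 1 */
        if (rc4_byte(&st) == 0) zeros++;      /* output byte 2 */
    }
    return zeros;
}
```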
>How-To-Repeat:
N/A
>Fix:
Index: arc4random.c
===================================================================
RCS file: /cvs/fbsd/src/lib/libc/gen/arc4random.c,v
retrieving revision 1.6
diff -u -r1.6 arc4random.c
--- arc4random.c 22 Mar 2002 21:52:05 -0000 1.6
+++ arc4random.c 9 Jan 2004 14:59:43 -0000
@@ -45,6 +45,8 @@
static int rs_initialized;
static struct arc4_stream rs;
+static inline u_int32_t arc4_getword(struct arc4_stream *);
+
static inline void
arc4_init(as)
struct arc4_stream *as;
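Review bot: the new prototype `static inline u_int32_t arc4_getword(struct arc4_stream *);` must match the definition of arc4_getword further down the file, which is outside this hunk; a redeclaration with a different return type or qualifiers is a compile error, so check the existing definition before committing. A forward declaration is the right way to resolve the ordering, since arc4_stir now calls arc4_getword before its definition.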
@@ -80,7 +82,7 @@
arc4_stir(as)
struct arc4_stream *as;
{
- int fd;
+ int fd, n;
struct {
struct timeval tv;
pid_t pid;
@@ -98,6 +100,14 @@
* stack... */
arc4_addrandom(as, (void *) &rdat, sizeof(rdat));
+
+ /*
+ * Throw away the first N words of output, as suggested in the
+ * paper "Weaknesses in the Key Scheduling Algorithm of RC4"
+ * by Fluher, Mantin, and Shamir. (N = 256 in our case.)
+ */
+ for (n = 0; n < 256; n++)
+ arc4_getword(as);
}
static inline u_int8_t
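Review bot: the unit of N in the new comment and loop is ambiguous: the loop discards 256 words from arc4_getword, i.e. 1024 bytes of keystream, while the paper's recommendation is stated in output bytes; say explicitly which is intended and match what libkern's arc4random does, which the description cites as the reference behaviour. If 256 bytes is what is meant, drawing single bytes here would also make the forward declaration unnecessary. Minor: the comment misspells the author's name, "Fluher" should read "Fluhrer".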
>Release-Note:
>Audit-Trail:
>Unformatted: