svn commit: r317015 - in head/sys: boot/forth conf crypto/chacha20 dev/random libkern sys

Mark R V Murray markm at FreeBSD.org
Sun Apr 16 14:36:37 UTC 2017 

> On 16 Apr 2017, at 15:21, Rodney W. Grimes <freebsd at pdx.rh.CN85.dnsmgr.net> wrote:
>>>> RC4 has been standard for many years.
>>> Probably another rapid mode of design rather than a thoughful mode, we
>>> have a chance to correct this here, and imho, should.
>> 
>> Fix it, sure. What's wrong with doing that as a next step? Why does this
>> change need to be held to ransom?
> 
> Thats a fair point, let me counter, why do I want this change at all?

RC4 is broken cryptographically. FreeBSD was lagging behind in still using it.

> Is it just the new kid on the block and everyone wants to play with the
> new toy, or does it bring the users some wonderful star bright feature
> that they just can not live without?  Is arc4random(9) some how fundementaly
> broken without chacha?

Most folks won't notice a darn thing. Crap random numbers are very often
hard to tell apart from good ones, and if you are not depending on them in a
relevant way you won't notice anything.

The big deal is that the attack vector for folks counting on (broken)
RC4 is now gone. For most FreeBSD users this is theoretical interest only.

> Your code in and working now? 

Yes.

> We just have 2 implementations of chacha, correct?

Correct.

> One in your static compiled in kernel section, and one as an LKM?

Correct. The latter startled me when it arrived.

>>>> Up until now, arc4random worked with unconditional RC4.
>>> 
>>> And your wanting to just replace unconditional RC4 for unconditional chacha?
>>> Or actuall, aleady did?
>> 
>> Correct. Both counts. It was up on Phabricator for weeks, BTW.
> 
> We are having what I believe is a very serious disjoint in project communications
> caused by phabricator.  How are the developers notified of new things going
> up in phabricator?  I get bugzilla reports, but I get zip from phabriactor unless
> I go ask it for stuff.   I get #network stuff cause I saw that in a commit that
> I would of liked to been aware of early and added into that project, but overall
> I think we need to work on this communcations too.

True. I promised SO@ that I would get all my CSPRNG stuff reviewed in Phabricator
before committing it. All the folks who in the past have cared about my work now
are on the relevant watch-list. Apart from spamming everyone, what do you suggest?

M
-- 
Mark R V Murray

More information about the svn-src-head mailing list