Re: [dsfjdssdfsd] getentropy(2)
Watson Ladd <watsonbladd@gmail.com> Tue, 15 July 2014 14:09 UTC
Return-Path: <watsonbladd@gmail.com>
X-Original-To: dsfjdssdfsd@ietfa.amsl.com
Delivered-To: dsfjdssdfsd@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 47B791A03F9 for <dsfjdssdfsd@ietfa.amsl.com>; Tue, 15 Jul 2014 07:09:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.8
X-Spam-Level:
X-Spam-Status: No, score=-0.8 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, J_CHICKENPOX_21=0.6, J_CHICKENPOX_36=0.6, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D8UCv3JJvk_9 for <dsfjdssdfsd@ietfa.amsl.com>; Tue, 15 Jul 2014 07:09:06 -0700 (PDT)
Received: from mail-yk0-x22a.google.com (mail-yk0-x22a.google.com [IPv6:2607:f8b0:4002:c07::22a]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 03E9A1A03DE for <dsfjdssdfsd@ietf.org>; Tue, 15 Jul 2014 07:09:05 -0700 (PDT)
Received: by mail-yk0-f170.google.com with SMTP id 20so1651634yks.1 for <dsfjdssdfsd@ietf.org>; Tue, 15 Jul 2014 07:09:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=vG+cfbOWeI6sDdNa+nJu8Wa1A8zHAqnkrNy2cKqullw=; b=ogy0OxTwR14E/v5wF/DFLb8Fu/1+RgJChzufGDxVxrMEeaGbD7EuNVpBD9d9uG02At zHuJfRnDEyRyz+FJEDZ9pLgjwcSANp/rPDKuJFn5i/CvLxp5qUQEHbs7oUsGcXECUP+c C0aCujZagb7uksRUWOEsaPVFX94zCHppXNpituBX8ccqpkkY4hxqJ4VYhGqsidvZmUzD GFH10i7pJqUAtRdhdK4+fOd8Z9tWuieUny6VfyYuZ3ZTr+n7lN20Op3IXsctgwTz0Crl x7sbzoQlqvtgf6sXvSW93xtVYPLi5RSytcoT/YSnq1k57zHgrH6yR9i7I4MO4IMtitbL IOYg==
MIME-Version: 1.0
X-Received: by 10.236.25.234 with SMTP id z70mr40443234yhz.107.1405433345334; Tue, 15 Jul 2014 07:09:05 -0700 (PDT)
Received: by 10.170.202.8 with HTTP; Tue, 15 Jul 2014 07:09:05 -0700 (PDT)
In-Reply-To: <20140715131321.GA32728@thunk.org>
References: <CACsn0c=nt0bap4QvEwEt1kAP1zQ2p3BS2ykizRUbLPJxOSP4aQ@mail.gmail.com> <20140715082507.GA1451@thunk.org> <alpine.GSO.1.10.1407150825590.21571@multics.mit.edu> <20140715131321.GA32728@thunk.org>
Date: Tue, 15 Jul 2014 07:09:05 -0700
Message-ID: <CACsn0cnhAp5rt0ouRuZfxOVk8+Ma+uQPYDYdnKnZazLj8HBtew@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
To: Theodore Ts'o <tytso@mit.edu>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/dsfjdssdfsd/JppntaahL6dFNHCAAwp2YmXA29g
Cc: "dsfjdssdfsd@ietf.org" <dsfjdssdfsd@ietf.org>, Benjamin Kaduk <kaduk@mit.edu>
Subject: Re: [dsfjdssdfsd] getentropy(2)
X-BeenThere: dsfjdssdfsd@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The dsfjdssdfsd list provides a venue for discussion of randomness in IETF protocols, for example related to updating RFC 4086." <dsfjdssdfsd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dsfjdssdfsd>, <mailto:dsfjdssdfsd-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dsfjdssdfsd/>
List-Post: <mailto:dsfjdssdfsd@ietf.org>
List-Help: <mailto:dsfjdssdfsd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dsfjdssdfsd>, <mailto:dsfjdssdfsd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Jul 2014 14:09:07 -0000
On Tue, Jul 15, 2014 at 6:13 AM, Theodore Ts'o <tytso@mit.edu> wrote: > On Tue, Jul 15, 2014 at 08:39:07AM -0400, Benjamin Kaduk wrote: >> >> I'm not confident that [all] application writers will even be competent to >> correctly choose amongst the 5 listed uses [plus whatever others might be >> added]. If it stays a small number of easily identified things, it might >> still be better than only exposing the blocking/nonblocking-ness directly, >> but it doesn't seem clear-cut to me. > > Well, a large number of these uses should be done in the crypto > library -- since if the application writer can't tell the difference > between an IV and a session key, I'm not sure I want that person > anywhere near crypto code... What is the difference in how random they should be? There isn't one, and making it exposable in system policy invites all sorts of issues. > >> BTW, FreeBSD exposes a sysctl MIB (CTL_KERN.KERN_ARND) to get entropy >> directly, saving syscalls over open("/dev/[u]random")/read()/close(). > > That only matters if you want to encourage applications to be > constantly asking the kernel to generate numbers, though, yes? I'm > arguing that it might be better to have a standardized userspace > library, ala OpenBSD's arc4random, which takes care of all of the OS > specific issues, and also provides a crypto-based DRBG. In that case, > it saves even more syscalls, since it only needs to read entropy from > the kernel at application startup time, and perhaps periodically every > so often when it wants to reseed, but not every single time you need > crypto-sensitive padding, IV's, session keys, etc. getentropy(2) could be getentropy(3). What's more important is what I want it to do - Block if the random system is not initialized (or return a return value indicating failure) - Return random numbers, even if I've forked or have a multithreaded process - Do so promptly Currently on Linux none of the available options work. Forking requires a post-fork call, /dev/random blocks constantly, and /dev/urandom does not block on startup. I'm probably going to open /dev/urandom: it's the best current alternative. Perhaps arc4random is better to imitate: I don't really care. I just need it to work and ship yesterday. Sincerely, Watson Ladd (And don't use RC4 for it!) > > Cheers, > > - Ted > > _______________________________________________ > dsfjdssdfsd mailing list > dsfjdssdfsd@ietf.org > https://www.ietf.org/mailman/listinfo/dsfjdssdfsd -- "Those who would give up Essential Liberty to purchase a little Temporary Safety deserve neither Liberty nor Safety." -- Benjamin Franklin
- [dsfjdssdfsd] getentropy(2) Watson Ladd
- Re: [dsfjdssdfsd] getentropy(2) Theodore Ts'o
- Re: [dsfjdssdfsd] getentropy(2) Benjamin Kaduk
- Re: [dsfjdssdfsd] getentropy(2) Theodore Ts'o
- Re: [dsfjdssdfsd] getentropy(2) Watson Ladd
- Re: [dsfjdssdfsd] getentropy(2) Alyssa Rowan
- Re: [dsfjdssdfsd] getentropy(2) Theodore Ts'o
- Re: [dsfjdssdfsd] getentropy(2) Watson Ladd