[haiku-development] Re: Crypto Kit and randomness

• From: Adrien Destugues <pulkomandy@xxxxxxxxxxxxx>
• To: haiku-development@xxxxxxxxxxxxx
• Date: Sat, 9 Mar 2019 09:42:35 +0100

On Sat, Mar 09, 2019 at 11:35:09AM +0300, Lee Mon wrote:

Hello, I found out that for random string generation rand() is used in the
rand_str():https://review.haiku-os.org/c/haiku/+/438/3/src/kits/crypto/Crypto.cpp
Should we use something more random than default rand()? Or is it good enough?

Hi,

There is a work in progress implementation of arc4random here:
https://review.haiku-os.org/c/haiku/+/32

However, it needs getentropy (there is no good random generator without
entropy sources). An initial implementation is in the previous patch
(31, linked from the above), but it does not actually collect any
entropy yet.

You can read more about the design and internals of arc4random here:
http://www.openbsd.org/papers/hackfest2014-arc4random/mgp00001.html

-- 
Adrien.

• Follow-Ups:
  • [haiku-development] Re: Crypto Kit and randomness
    • From: Lee Mon

• References:
  • [haiku-development] Crypto Kit and randomness
    • From: Lee Mon

Other related posts:

• » [haiku-development] Crypto Kit and randomness- Lee Mon
• » [haiku-development] Re: Crypto Kit and randomness - Adrien Destugues
• » [haiku-development] Re: Crypto Kit and randomness- Lee Mon
• » [haiku-development] Re: Crypto Kit and randomness- Adrien Destugues

1. Home
2. haiku-development
3. Archive
4. 03-2019

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---