Page MenuHomeFreeBSD

random(4): Flip default Fortuna generator over to Chacha20
ClosedPublic

Authored by cem on Dec 19 2019, 8:03 PM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Apr 19, 11:11 AM
Unknown Object (File)
Sun, Apr 7, 4:27 AM
Unknown Object (File)
Mar 4 2024, 11:08 PM
Unknown Object (File)
Feb 17 2024, 3:21 PM
Unknown Object (File)
Feb 1 2024, 3:43 AM
Unknown Object (File)
Jan 7 2024, 10:54 AM
Unknown Object (File)
Dec 20 2023, 5:59 AM
Unknown Object (File)
Dec 18 2023, 5:06 PM
Subscribers

Details

Summary

The implementation was landed in r344913 and has had some bake time (at
least on my personal systems). There is some discussion of the motivation
for defaulting to this cipher as a PRF in the commit log for r344913.

As documented in that commit, administrators can retain the prior mode of
operation by setting the 'kern.random.use_chacha20_cipher' tunable to 0 in
loader.conf(5).

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

Update the surrounding comments to match the modified default, as well.

markm added a subscriber: markm.

No-brainer.

This revision is now accepted and ready to land.Dec 19 2019, 11:52 PM
delphij added a subscriber: delphij.
delphij added inline comments.
sys/dev/random/hash.c
82 ↗(On Diff #65818)

[OPTIONAL] I think eventually AES-ICM would be gone, it's probably better described as "old default", but I'm fine with the current change as-is too.

sys/dev/random/hash.c
82 ↗(On Diff #65818)

I prefer to leave the documented options explicit for now; when and if we intend to remove AES-ICM, we will just remove the knob entirely, along with its documentation.