random(4): Flip default Fortuna generator over to Chacha20
ClosedPublic
Actions

Authored by cem on Dec 19 2019, 8:03 PM.

Details

Reviewers

markm
delphij
jmg

Group Reviewers

csprng
O3: Kernel Random Numbers Generator

Commits

rS355949: random(4): Flip default Fortuna generator over to Chacha20

Summary

The implementation was landed in r344913 and has had some bake time (at
least on my personal systems). There is some discussion of the motivation
for defaulting to this cipher as a PRF in the commit log for r344913.

As documented in that commit, administrators can retain the prior mode of
operation by setting the 'kern.random.use_chacha20_cipher' tunable to 0 in
loader.conf(5).

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

cem created this revision.Dec 19 2019, 8:03 PM

Harbormaster completed remote builds in B28231: Diff 65817.Dec 19 2019, 8:03 PM

Update the surrounding comments to match the modified default, as well.

Harbormaster completed remote builds in B28232: Diff 65818.Dec 19 2019, 8:09 PM

No-brainer.

This revision is now accepted and ready to land.Dec 19 2019, 11:52 PM

delphij accepted this revision.Dec 20 2019, 12:20 AM

delphij added a subscriber: delphij.

delphij added inline comments.

sys/dev/random/hash.c
82 ↗	(On Diff #65818)	[OPTIONAL] I think eventually AES-ICM would be gone, it's probably better described as "old default", but I'm fine with the current change as-is too.

cem added inline comments.Dec 20 2019, 9:09 PM

sys/dev/random/hash.c
82 ↗	(On Diff #65818)	I prefer to leave the documented options explicit for now; when and if we intend to remove AES-ICM, we will just remove the knob entirely, along with its documentation.