Page MenuHomeFreeBSD

random(4): Flip default Fortuna generator over to Chacha20
ClosedPublic

Authored by cem on Dec 19 2019, 8:03 PM.

Details

Summary

The implementation was landed in r344913 and has had some bake time (at
least on my personal systems). There is some discussion of the motivation
for defaulting to this cipher as a PRF in the commit log for r344913.

As documented in that commit, administrators can retain the prior mode of
operation by setting the 'kern.random.use_chacha20_cipher' tunable to 0 in
loader.conf(5).

Diff Detail

Repository
rS FreeBSD src repository
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

Update the surrounding comments to match the modified default, as well.

markm added a subscriber: markm.

No-brainer.

This revision is now accepted and ready to land.Dec 19 2019, 11:52 PM
delphij added a subscriber: delphij.
delphij added inline comments.
sys/dev/random/hash.c
82 ↗(On Diff #65818)

[OPTIONAL] I think eventually AES-ICM would be gone, it's probably better described as "old default", but I'm fine with the current change as-is too.

sys/dev/random/hash.c
82 ↗(On Diff #65818)

I prefer to leave the documented options explicit for now; when and if we intend to remove AES-ICM, we will just remove the knob entirely, along with its documentation.