Page MenuHomeFreeBSD

random(4): Flip default Fortuna generator over to Chacha20
ClosedPublic

Authored by cem on Dec 19 2019, 8:03 PM.
Tags
None
Referenced Files
F106005557: D22878.id65817.diff
Mon, Dec 23, 6:43 PM
Unknown Object (File)
Mon, Nov 25, 12:32 AM
Unknown Object (File)
Nov 11 2024, 8:19 AM
Unknown Object (File)
Oct 19 2024, 10:20 AM
Unknown Object (File)
Sep 27 2024, 1:54 AM
Unknown Object (File)
Sep 20 2024, 1:55 AM
Unknown Object (File)
Sep 19 2024, 4:07 PM
Unknown Object (File)
Sep 19 2024, 1:30 PM
Subscribers

Details

Summary

The implementation was landed in r344913 and has had some bake time (at
least on my personal systems). There is some discussion of the motivation
for defaulting to this cipher as a PRF in the commit log for r344913.

As documented in that commit, administrators can retain the prior mode of
operation by setting the 'kern.random.use_chacha20_cipher' tunable to 0 in
loader.conf(5).

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

Update the surrounding comments to match the modified default, as well.

markm added a subscriber: markm.

No-brainer.

This revision is now accepted and ready to land.Dec 19 2019, 11:52 PM
delphij added a subscriber: delphij.
delphij added inline comments.
sys/dev/random/hash.c
82 ↗(On Diff #65818)

[OPTIONAL] I think eventually AES-ICM would be gone, it's probably better described as "old default", but I'm fine with the current change as-is too.

sys/dev/random/hash.c
82 ↗(On Diff #65818)

I prefer to leave the documented options explicit for now; when and if we intend to remove AES-ICM, we will just remove the knob entirely, along with its documentation.