
Re: [Chicken-hackers] Patch to use better PRNG on BSD's


From: Thomas Chust
Subject: Re: [Chicken-hackers] Patch to use better PRNG on BSD's
Date: Wed, 11 Apr 2012 13:21:46 +0200

On Wed, 2012-04-11 at 09:27 +0200, Peter Bex wrote:
> On Wed, Apr 11, 2012 at 08:49:32AM +0300, Timo Myyrä wrote:
> > Ah, I checked the manual pages of NetBSD-current and it lists
> > arc4random_uniform.
> [...]
> > What's the problem of using the host's PRNG? I'd assume every host OS would
> > have a decent PRNG.
> [...]
> 
> And I'm not so sure the assumption that every OS has a proper PRNG is
> even valid.
> [...]

Hello,

in my opinion this entire discussion is somewhat pointless unless we
define what properties a "good" PRNG should have for our purposes.

For example, neither the nonlinear additive feedback generator employed
by glibc to implement rand(3) and random(3) nor the RC4 algorithm has
acceptable quality for modern cryptographic applications -- they both
have output biases and too short periods.

On the other hand, for applications that don't require randomness good
enough for use in a stream cipher, any old PRNG might do the job. It
really depends strongly on your application.

If we really wanted to include a PRNG in the CHICKEN distribution that
should satisfy any definition of "good", I would suggest using a modern
stream cipher with high throughput, for example SOSEMANUK [1]. But I'm
not sure whether a suite of cryptographic functions is really something
that must be included in a language's standard library.

Ciao,
Thomas


--
[1] http://www.ecrypt.eu.org/stream/sosemanukpf.html


-- 
When C++ is your hammer, every problem looks like your thumb.