r171 - trunk/BOOK/chapter02

manuel at linuxfromscratch.org
Sat Feb 12 11:41:04 PST 2005


Author: manuel
Date: 2005-02-12 12:41:03 -0700 (Sat, 12 Feb 2005)
New Revision: 171

Added:
   trunk/BOOK/chapter02/arc4random.xml
Modified:
   trunk/BOOK/chapter02/chapter02.xml
Log:
Added chapter02/arc4random.xml

Added: trunk/BOOK/chapter02/arc4random.xml
===================================================================
--- trunk/BOOK/chapter02/arc4random.xml	2005-02-12 18:41:24 UTC (rev 170)
+++ trunk/BOOK/chapter02/arc4random.xml	2005-02-12 19:41:03 UTC (rev 171)
@@ -0,0 +1,88 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN" "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" [
+  <!ENTITY % general-entities SYSTEM "../general.ent">
+  %general-entities;
+]>
+<sect1 id="ch-tools-arc4random">
+<title>Arc4random</title>
+<?dbhtml filename="arc4random.html"?>
+
+<para>The <function>arc4random()</function> library function was developed by 
+OpenBSD to provide very dependable random numbers even when the system is in 
+awful running order. Originally it was made to provide a Libc interface to <filename 
+class="devicefile">/dev/arandom</filename> and sysctl <filename 
+class="devicefile">arandom</filename>, but <filename class="devicefile">arandom</filename> 
+does not exist in Linux. The <filename class="libraryfile">arc4random</filename> library uses
+arcfour (another rc4) key stream cipher, which can be in about (2**1700) states.</para>
+
+<para>The frandom kernel patch, providing <filename class="devicefile">erandom</filename>, 
+is very similar to <filename class="devicefile">arandom</filename> except that 
+<filename class="devicefile">erandom</filename> must be seeded manually, and 
+<filename class="devicefile">erandom</filename> uses md5 hashes while 
+<filename class="devicefile">arandom</filename> uses arcfour. <filename 
+class="devicefile">erandom</filename> is seeded from the state of <filename 
+class="devicefile">frandom</filename> and uses no kernel entropy, but consequently 
+is unsafe for cryptography. <filename class="devicefile">frandom</filename> is seeded
+directly from the kernel entropy pool, but only once per use, and can provide gigabytes 
+of output while only consuming 16 bytes of kernel entropy. To reseed
+<filename class="devicefile">erandom</filename> simply use <filename 
+class="devicefile">frandom</filename>, such as dumping one block from <filename 
+class="devicefile">frandom</filename> to <filename class="devicefile">/dev/null</filename>.
+The sysctl interfaces are available to provide entropy through chroot. Sysctl is a single 
+thread interface, so the devices in <filename class="directory">/dev</filename> are 
+attempted first. Even if the devices in <filename class="devicefile">/dev</filename> 
+are not available sysctl has performed very well. The <filename 
+class="directory">frandom</filename>, <filename class="devicefile">erandom</filename>, 
+and sysctl <filename class="devicefile">urandom</filename> devices and interfaces 
+are available from the pseudo_random kernel patch.</para>
+
+<para>In this implementation the Libc patches for <filename 
+class="libraryfile">arc4random</filename> provide two key
+functions, <function>arc4random()</function> and <function>arc4randomII()</function>. 
+<function>arc4random()</function> uses <filename class="devicefile">urandom</filename> 
+and is intended for cryptographic applications, <function>arc4randomII()</function> uses 
+<filename class="devicefile">erandom</filename> and is intended for non-cryptographic 
+applications. Both of these functions include <function>gettimeofday(2)</function> when 
+initializing, making it impossible to generate the same sequence twice, even if the kernel 
+random generator (<filename class="devicefile">urandom</filename>) has crashed.
+The first 256 long words (1024 bytes) are discarded due to a <quote>known text</quote>
+weakness in the rc4 cipher. There is a man page provided with the Libc patches. The man 
+page for <filename class="libraryfile">arc4random</filename> (3) provided by OpenBSD 
+assumes <function>arc4random()</function> uses <filename 
+class="devicefile">arandom</filename>, and it is incorrect for this implementation.</para>
+
+<para>The Libc patches also patch <command>mktemp</command>(3) to use 
+<function>arc4randomII()</function>.</para>
+
+<para>Many applications can use <function>arc4random()</function> in place of 
+<filename class="devicefile">/dev/urandom</filename>. Applications often have 
+no fail safe or error control if the kernel random driver is unavailable.</para>
+
+<para>OpenSSL supports <function>arc4random()</function> with a minor 
+patch to enable it. Their portable alternative is to use <function>getpid()</function>, 
+so using <function>arc4random()</function> is a significant improvement.</para>
+ 
+<para>See also:
+<itemizedlist>
+<listitem>
+<para>Frandom homepage - <ulink url="http://frandom.sourceforge.net/"/></para>
+</listitem>
+<listitem>
+<para><ulink url="http://www.research.ibm.com/trl/projects/security/ssp/"/></para>
+</listitem>
+<listitem>
+<para>Paper describing Arcfour - <ulink 
+url="http://www.mozilla.org/projects/security/pki/nss/draft-kaukonen-cipher-arcfour-03.txt"/></para>
+</listitem>
+<listitem>
+<para>Paper describing the RC4 (and arcfour) weakness - 
+<ulink url="http://www.wisdom.weizmann.ac.il/~itsik/RC4/Papers/Rc4_ksa.ps"/></para>
+</listitem>
+<listitem>
+<para>The original library source code - <ulink 
+url="http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/crypt/arc4random.c"/></para>
+</listitem>
+</itemizedlist>
+</para>
+
+</sect1>
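
Review bot: The third paragraph's claim that including gettimeofday(2) at initialization makes it "impossible to generate the same sequence twice, even if the kernel random generator (urandom) has crashed" overstates what a timestamp provides. Time of day is guessable, so in that failure case arc4random() is seeded with little or no secret input, and the text should say the output is then unsuitable for cryptographic use instead of implying it stays safe. In the second paragraph, "uses no kernel entropy, but consequently is unsafe for cryptography" reads better as "and consequently". Markup points: frandom is tagged class="directory" in the last sentence of the second paragraph while /dev is tagged class="devicefile" just above it, so the two classes look swapped; mktemp(3) is a library function, so <function> fits better than <command>; and the second "See also" entry (the research.ibm.com .../ssp/ link) has no label and its URL points at SSP, which this section never mentions.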


Property changes on: trunk/BOOK/chapter02/arc4random.xml
___________________________________________________________________
Name: svn:keywords
   + "Author Date Revision Id"
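
Review bot: svn:keywords is set on arc4random.xml, but none of the added lines contains a keyword anchor such as $Author$, $Date$, $Revision$ or $Id$, so the property has no effect as committed. Either add the anchors to the file or drop the property. It is also worth checking that the double quotes shown around the value are not stored as part of it, since the first and last keyword names would then not match.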

Modified: trunk/BOOK/chapter02/chapter02.xml
===================================================================
--- trunk/BOOK/chapter02/chapter02.xml	2005-02-12 18:41:24 UTC (rev 170)
+++ trunk/BOOK/chapter02/chapter02.xml	2005-02-12 19:41:03 UTC (rev 171)
@@ -11,6 +11,7 @@
 <xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="introduction.xml"/>
 <xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="hostreqs.xml"/>
 <xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="toolchain.xml"/>
+<xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="arc4random.xml"/>
 <xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="ssp.xml"/>
 <xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="pie.xml"/>
 <xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="creatingpartition.xml"/>



