From: Zack Weinberg
To: libc-alpha@sourceware.org
Date: Fri, 22 Jul 2022 11:31:37 -0400
Subject: Re: [PATCH v12 1/9] stdlib: Add arc4random, arc4random_buf, and arc4random_uniform (BZ #4417)
In-Reply-To: <20220722122137.3270666-2-adhemerval.zanella@linaro.org>
References: <20220722122137.3270666-1-adhemerval.zanella@linaro.org> <20220722122137.3270666-2-adhemerval.zanella@linaro.org>

On 2022-07-22 8:21 AM, Adhemerval Zanella via Libc-alpha wrote:
> diff --git a/NEWS b/NEWS
> index df882ec243..8420a65cd0 100644
> --- a/NEWS
> +++ b/NEWS
> @@ -60,6 +60,10 @@ Major new features:
>     _GNU_SOURCE macro is defined and the C++20 __cpp_char8_t feature test macro
>     is not defined (if __cpp_char8_t is defined, then char8_t is a builtin type).
>  
> +* The functions arc4random, arc4random_buf, and arc4random_uniform have been
> +  added. The functions use a pseudo-random number generator along with
> +  entropy from the kernel.
> +

I think the second sentence ought to be a little more specific than "a pseudo-random number generator", since the whole point of the arc4random* API is that it's supposed to be cryptographically strong, and since the name (incorrectly) suggests that a *known-broken* CSPRNG is in use. Maybe something like "These functions implement a cryptographically strong pseudo-random number generator, based on ChaCha20 and automatically seeded from kernel-provided entropy."

> reseeds the internal state on every 16MB of consumed buffer

Is this sufficient to provide forward security (i.e. a state leak does not permit the attacker to reconstruct past outputs of the RNG)?

zw
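Review bot: the added NEWS paragraph in the hunk above says only that the functions "use a pseudo-random number generator along with entropy from the kernel", which does not let a reader tell whether the output is suitable for keys and other secrets; besides naming the construction as the reply suggests, the entry could state the reseed interval quoted from the commit message ("reseeds the internal state on every 16MB of consumed buffer"), since that interval bounds how much output a leaked state can predict and is part of the guarantee callers need to judge.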
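The forward-security question above is about the generator design rather than the NEWS wording. The C program below is an added example, not glibc's arc4random implementation and not code from this patch series: it builds a small ChaCha20 output buffer that erases its key on every refill (the "fast key erasure" design OpenBSD's arc4random uses) and checks two things on a constructed seed: that a snapshot of the state taken after output has been drawn contains neither the seed key nor any handed-out byte, and that the same snapshot nonetheless predicts all later output until fresh kernel entropy is mixed in. The 1 KiB refill size, the 64-bit counter/64-bit nonce layout, and every function name are this example's own choices; the RFC 7539 test vector is used only to check the block function.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>
/* Added example, not glibc's code: a ChaCha20 keystream buffer with "fast key
   erasure".  Each refill replaces the working key with keystream bytes and wipes
   them, so a leaked state cannot be run backwards to recover earlier output.
   Sizes, names and the 1 KiB refill are this example's own assumptions. */
#define KEYSZ 32
#define IVSZ 8 /* original ChaCha layout: 64-bit counter, 64-bit nonce */
#define BLOCKSZ 64
#define BUFSZ (16 * BLOCKSZ)
static uint32_t rotl32(uint32_t v, int c) { return (v << c) | (v >> (32 - c)); }
static uint32_t ld32(const uint8_t *p) {
  return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static void st32(uint8_t *p, uint32_t v) { p[0] = v; p[1] = v >> 8; p[2] = v >> 16; p[3] = v >> 24; }
#define QR(a, b, c, d) do { a += b; d = rotl32(d ^ a, 16); c += d; b = rotl32(b ^ c, 12); \
                            a += b; d = rotl32(d ^ a, 8);  c += d; b = rotl32(b ^ c, 7); } while (0)
/* One ChaCha20 block: 10 double rounds on a copy of the state, then add. */
static void chacha20_block(const uint32_t in[16], uint8_t out[BLOCKSZ]) {
  uint32_t x[16];
  memcpy(x, in, sizeof x);
  for (int i = 0; i < 10; i++) {
    QR(x[0], x[4], x[8], x[12]);  QR(x[1], x[5], x[9], x[13]);
    QR(x[2], x[6], x[10], x[14]); QR(x[3], x[7], x[11], x[15]);
    QR(x[0], x[5], x[10], x[15]); QR(x[1], x[6], x[11], x[12]);
    QR(x[2], x[7], x[8], x[13]);  QR(x[3], x[4], x[9], x[14]);
  }
  for (int i = 0; i < 16; i++) st32(out + 4 * i, x[i] + in[i]);
}
/* state: constants | key (8 words) | counter (2) | nonce (2).  buf holds buffered
   keystream (consumed bytes zeroed); have = unconsumed bytes at the end of buf. */
struct rng { uint32_t state[16]; uint8_t buf[BUFSZ]; size_t have; };
static void rng_keysetup(struct rng *r, const uint8_t *key, const uint8_t *iv) {
  const uint8_t *sigma = (const uint8_t *)"expand 32-byte k";
  for (int i = 0; i < 4; i++) r->state[i] = ld32(sigma + 4 * i);
  for (int i = 0; i < 8; i++) r->state[4 + i] = ld32(key + 4 * i);
  r->state[12] = r->state[13] = 0; r->state[14] = ld32(iv); r->state[15] = ld32(iv + 4);
}
/* Refill, take the next key/nonce from the first 40 keystream bytes, erase them. */
static void rng_rekey(struct rng *r) {
  for (size_t off = 0; off < BUFSZ; off += BLOCKSZ) {
    chacha20_block(r->state, r->buf + off);
    if (++r->state[12] == 0) r->state[13]++;
  }
  rng_keysetup(r, r->buf, r->buf + KEYSZ); /* the previous key now exists nowhere */
  memset(r->buf, 0, KEYSZ + IVSZ); r->have = BUFSZ - KEYSZ - IVSZ;
}
/* Seed from 40 entropy bytes; real code takes them from the kernel and repeats
   this periodically (the patch under review: every 16MB of output). */
static void rng_seed(struct rng *r, const uint8_t seed[KEYSZ + IVSZ]) {
  memset(r, 0, sizeof *r);
  rng_keysetup(r, seed, seed + KEYSZ);
  rng_rekey(r); /* the raw seed is never kept as the working key */
}
static void rng_bytes(struct rng *r, uint8_t *out, size_t n) {
  while (n > 0) {
    if (r->have == 0) rng_rekey(r);
    size_t m = n < r->have ? n : r->have;
    uint8_t *src = r->buf + BUFSZ - r->have;
    memcpy(out, src, m);
    memset(src, 0, m); /* handed-out bytes are not retained */
    r->have -= m; out += m; n -= m;
  }
}
/* Block-function check against the RFC 7539 section 2.3.2 test vector. */
static bool chacha20_selftest(void) {
  static const uint8_t want[16] = { 0x10, 0xf1, 0xe7, 0xe4, 0xd1, 0x3b, 0x59, 0x15,
                                    0x50, 0x0f, 0xdd, 0x1f, 0xa3, 0x20, 0x71, 0xc4 };
  uint8_t key[KEYSZ], iv[IVSZ] = { 0, 0, 0, 0x4a, 0, 0, 0, 0 }, out[BLOCKSZ];
  struct rng r;
  for (int i = 0; i < KEYSZ; i++) key[i] = (uint8_t)i;
  rng_keysetup(&r, key, iv);
  r.state[12] = 1; r.state[13] = 0x09000000; /* counter 1, nonce 00:00:00:09:00:00:00:4a:... */
  chacha20_block(r.state, out);
  return memcmp(out, want, sizeof want) == 0;
}
/* Constructed 40-byte seed for the demos (real code would call getrandom). */
#define DEMO_SEED(s) for (size_t k = 0; k < KEYSZ + IVSZ; k++) (s)[k] = (uint8_t)(0xA5 ^ k)
/* Forward security: after 600 output bytes a leaked state holds neither the seed key nor any handed-out byte. */
static bool demo_forward_secrecy(void) {
  uint8_t seed[KEYSZ + IVSZ], out[600]; struct rng r;
  DEMO_SEED(seed); rng_seed(&r, seed); rng_bytes(&r, out, sizeof out);
  for (int i = 0; i < 64; i++)
    if (r.state[4 + i / 8] == ld32(seed + 4 * (i % 8))) return false;
  for (size_t i = 0; i < BUFSZ - r.have; i++) if (r.buf[i] != 0) return false;
  return true;
}
/* Its limit: the same leak predicts all later output until fresh entropy is mixed in (why reseeding matters). */
static bool demo_leak_predicts_future(void) {
  uint8_t seed[KEYSZ + IVSZ], a[900], b[900]; struct rng r, leaked;
  DEMO_SEED(seed); rng_seed(&r, seed); rng_bytes(&r, a, 100);
  leaked = r;                 /* attacker's copy of the whole state */
  rng_bytes(&r, a, sizeof a); /* spans a refill */
  rng_bytes(&leaked, b, sizeof b);
  return memcmp(a, b, sizeof a) == 0;
}
```

Any C99 compiler builds this; `chacha20_selftest`, `demo_forward_secrecy` and `demo_leak_predicts_future` all return true. The second demo is the reason a reseed interval such as the patch's 16MB matters: key erasure makes a state leak useless for reconstructing past output, but only a fresh seed from the kernel ends its usefulness for predicting future output.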