[PATCH] Adding diversity for security

Tom Roeder tmroeder at google.com
Wed Oct 2 10:28:14 PDT 2013


From what I've seen, it's been quite stable. Looking back in the git
logs of openssl, it looks like the last time a change touched rand.h
was in 2011, and that was just to add FIPS stuff. Then the last change
before then was in 2009. So, I would say it's safe to rely on it.



On Wed, Oct 2, 2013 at 10:19 AM, Stephen Crane <sjcrane at uci.edu> wrote:
> Tom,
>
> You make a very good point which I never actually considered. I confess that
> I am not very familiar with the OpenSSL API and was simply looking for a
> drop-in replacement for our existing simple AES implementation, which had a
> conflicting open-source license. Looking at the OpenSSL RNG now, I see
> no problems with it as long as it is stable between versions.
>
> - Stephen
>
>
> On 10/02/13 10:02, Tom Roeder wrote:
>>
>> OpenSSL provides a facility for getting cryptographically strong
>> pseudorandom numbers: see <openssl/rand.h>. You can call
>> RAND_bytes(unsigned char *buf, int num) to get a given number of
>> random bytes. It also supports seeding and state files; see
>> http://www.openssl.org/docs/crypto/rand.html for the full API. From a
>> cursory look at the patch, it seems like the RandomNumberGenerator
>> calls could be passed through mostly directly to OpenSSL if libcrypto
>> is available.
>>
>> Maybe I'm missing something: do you have requirements that aren't met
>> by the existing OpenSSL rand functionality?
>>
>> Tom
>>
>> On Wed, Oct 2, 2013 at 6:34 AM, Alex Rosenberg <alexr at leftfield.org>
>> wrote:
>>>
>>> I'm not a crypto geek but... I think the choices of seeds need to be
>>> explained in the comments.
>>>
>>> For example, the result of malloced memory is likely to be just zeros on
>>> some platforms and the addresses of command line argument pointers is likely
>>> to be constant between runs.
>>>
>>> Alex
>>>
>>>> On Oct 1, 2013, at 3:13 PM, Stephen Crane <sjcrane at uci.edu> wrote:
>>>>
>>>> Adds the capability to randomly insert NOPs, permuting the code layout,
>>>> as well as the option to randomize scheduling decisions. Includes an
>>>> OpenSSL-linked RNG to provide secure random number generation.
>>>>
>>>> http://llvm-reviews.chandlerc.com/D1802
>>>>
>>>> Files:
>>>>   CMakeLists.txt
>>>>   Makefile.config.in
>>>>   autoconf/configure.ac
>>>>   cmake/config-ix.cmake
>>>>   cmake/modules/LLVM-Config.cmake
>>>>   configure
>>>>   include/llvm/CodeGen/CommandFlags.h
>>>>   include/llvm/CodeGen/MachineInstr.h
>>>>   include/llvm/Config/config.h.cmake
>>>>   include/llvm/Config/config.h.in
>>>>   include/llvm/MC/MCRegisterInfo.h
>>>>   include/llvm/Support/RandomNumberGenerator.h
>>>>   include/llvm/Target/TargetOptions.h
>>>>   lib/CodeGen/LLVMBuild.txt
>>>>   lib/CodeGen/MachineBasicBlock.cpp
>>>>   lib/CodeGen/SelectionDAG/ScheduleDAGRRList.cpp
>>>>   lib/LTO/LTOCodeGenerator.cpp
>>>>   lib/LTO/LTOModule.cpp
>>>>   lib/Support/CMakeLists.txt
>>>>   lib/Support/RandomNumberGenerator.cpp
>>>>   lib/Target/X86/CMakeLists.txt
>>>>   lib/Target/X86/NOPInsertion.cpp
>>>>   lib/Target/X86/X86.h
>>>>   lib/Target/X86/X86TargetMachine.cpp
>>>>   test/CodeGen/X86/nop-insert-percentage.ll
>>>>   test/CodeGen/X86/nop-insert.ll
>>>>   test/CodeGen/X86/sched-rnd-test.ll
>>>>   test/Makefile
>>>>   test/lit.cfg
>>>>   test/lit.site.cfg.in
>>>>   tools/llc/llc.cpp
>>>>   tools/opt/opt.cpp
>>>> <D1802.1.patch>
>>>> _______________________________________________
>>>> llvm-commits mailing list
>>>> llvm-commits at cs.uiuc.edu
>>>> http://lists.cs.uiuc.edu/mailman/listinfo/llvm-commits
>>>
>
>
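
An added example, not part of the thread or of the patch under review: the RAND_bytes call Tom describes, used for a per-site NOP-insertion decision, with the return value checked and modulo bias removed by rejection. The names uniform_below and should_insert_nop, the USE_OPENSSL build flag and the /dev/urandom stand-in are assumptions of this example; build with -DUSE_OPENSSL -lcrypto to draw from RAND_bytes itself.

```c
#include <stdio.h>
#ifdef USE_OPENSSL
#include <openssl/rand.h>
#define SYSTEM_SOURCE RAND_bytes
#else
#define SYSTEM_SOURCE urandom_bytes   /* stand-in, an assumption of this example */
#endif
/* Same shape as RAND_bytes(unsigned char *buf, int num); 1 means success. */
typedef int (*byte_source)(unsigned char *buf, int num);

int urandom_bytes(unsigned char *buf, int num) {
    FILE *f = fopen("/dev/urandom", "rb");
    size_t got = f ? fread(buf, 1, (size_t)num, f) : 0;
    if (f) fclose(f);
    return num > 0 && got == (size_t)num;
}

/* Constructed sources for checking: bytes 255, 254, ... and one that always fails. */
int countdown_bytes(unsigned char *buf, int num) {
    static unsigned char next = 255;
    for (int i = 0; i < num; i++) buf[i] = next--;
    return 1;
}
int failing_bytes(unsigned char *buf, int num) { (void)buf; (void)num; return 0; }

/* Uniform value in [0, bound), 1 <= bound <= 256; -1 if the source fails. */
int uniform_below(int bound, byte_source src) {
    if (bound < 1 || bound > 256) return -1;
    int limit = 256 - (256 % bound);      /* largest multiple of bound <= 256 */
    for (;;) {
        unsigned char b;
        if (src(&b, 1) != 1) return -1;   /* report failure, no weak fallback seed */
        if (b < limit) return b % bound;  /* reject the tail that would bias % */
    }
}

/* Hypothetical per-site decision: 1 = insert a NOP, 0 = skip, -1 = RNG error. */
int should_insert_nop(int percent, byte_source src) {
    int r = uniform_below(100, src);
    return r < 0 ? -1 : r < percent;
}

int main(void) {
    int n = 0;
    for (int i = 0; i < 1000; i++) {
        int d = should_insert_nop(50, SYSTEM_SOURCE);
        if (d < 0) return 1;              /* RNG failure: stop rather than guess */
        n += d;
    }
    printf("NOP inserted at %d of 1000 sites\n", n);
    return 0;
}
```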
