[PATCH] Adding diversity for security
Tom Roeder
tmroeder at google.com
Wed Oct 2 10:28:14 PDT 2013
From what I've seen, it's been quite stable. Looking back in the git
logs of openssl, it looks like the last time a change touched rand.h
was in 2011, and that was just to add FIPS stuff. Then the last change
before then was in 2009. So, I would say it's safe to rely on it.
On Wed, Oct 2, 2013 at 10:19 AM, Stephen Crane <sjcrane at uci.edu> wrote:
> Tom,
>
> You make a very good point which I never actually considered. I confess that
> I am not very familiar with the OpenSSL API and was simply looking for a
> drop-in replacement for our existing simple AES implementation, which had a
> conflicting open-source license. Looking at the OpenSSL RNG now, I see
> no problems with it as long as it is stable between versions.
>
> - Stephen
>
>
> On 10/02/13 10:02, Tom Roeder wrote:
>>
>> OpenSSL provides a facility for getting cryptographically strong
>> pseudorandom numbers: see <openssl/rand.h>. You can call
>> RAND_bytes(unsigned char *buf, int num) to get a given number of
>> random bytes. It also supports seeding and state files; see
>> http://www.openssl.org/docs/crypto/rand.html for the full API. From a
>> cursory look at the patch, it seems like the RandomNumberGenerator
>> calls could be passed through mostly directly to OpenSSL if libcrypto
>> is available.
>>
>> Maybe I'm missing something: do you have requirements that aren't met
>> by the existing OpenSSL rand functionality?
>>
>> Tom
>>
>> On Wed, Oct 2, 2013 at 6:34 AM, Alex Rosenberg <alexr at leftfield.org>
>> wrote:
>>>
>>> I'm not a crypto geek but... I think the choices of seeds need to be
>>> explained in the comments.
>>>
>>> For example, the result of malloced memory is likely to be just zeros on
>>> some platforms and the addresses of command line argument pointers are likely
>>> to be constant between runs.
>>>
>>> Alex
>>>
>>>> On Oct 1, 2013, at 3:13 PM, Stephen Crane <sjcrane at uci.edu> wrote:
>>>>
>>>> Adds the capability to randomly insert NOPs, permuting the code layout,
>>>> as well as the option to randomize scheduling decisions. Includes an
>>>> OpenSSL-linked RNG to provide secure random number generation.
>>>>
>>>> http://llvm-reviews.chandlerc.com/D1802
>>>>
>>>> Files:
>>>> CMakeLists.txt
>>>> Makefile.config.in
>>>> autoconf/configure.ac
>>>> cmake/config-ix.cmake
>>>> cmake/modules/LLVM-Config.cmake
>>>> configure
>>>> include/llvm/CodeGen/CommandFlags.h
>>>> include/llvm/CodeGen/MachineInstr.h
>>>> include/llvm/Config/config.h.cmake
>>>> include/llvm/Config/config.h.in
>>>> include/llvm/MC/MCRegisterInfo.h
>>>> include/llvm/Support/RandomNumberGenerator.h
>>>> include/llvm/Target/TargetOptions.h
>>>> lib/CodeGen/LLVMBuild.txt
>>>> lib/CodeGen/MachineBasicBlock.cpp
>>>> lib/CodeGen/SelectionDAG/ScheduleDAGRRList.cpp
>>>> lib/LTO/LTOCodeGenerator.cpp
>>>> lib/LTO/LTOModule.cpp
>>>> lib/Support/CMakeLists.txt
>>>> lib/Support/RandomNumberGenerator.cpp
>>>> lib/Target/X86/CMakeLists.txt
>>>> lib/Target/X86/NOPInsertion.cpp
>>>> lib/Target/X86/X86.h
>>>> lib/Target/X86/X86TargetMachine.cpp
>>>> test/CodeGen/X86/nop-insert-percentage.ll
>>>> test/CodeGen/X86/nop-insert.ll
>>>> test/CodeGen/X86/sched-rnd-test.ll
>>>> test/Makefile
>>>> test/lit.cfg
>>>> test/lit.site.cfg.in
>>>> tools/llc/llc.cpp
>>>> tools/opt/opt.cpp
>>>> <D1802.1.patch>
>>>> _______________________________________________
>>>> llvm-commits mailing list
>>>> llvm-commits at cs.uiuc.edu
>>>> http://lists.cs.uiuc.edu/mailman/listinfo/llvm-commits
>>>
>
>
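The pass-through suggested in the thread, sketched as an added example (not code from D1802 or from LLVM): a generator that takes any byte source with the `RAND_bytes(unsigned char *buf, int num)` shape, checks its return value, and draws unbiased bounded values. All function names are hypothetical, and `/dev/urandom` stands in for `RAND_bytes` as an assumption so the block builds without libcrypto.

```c
#include <stdint.h>
#include <stdio.h>

/* Same shape as OpenSSL's RAND_bytes(unsigned char *buf, int num); 1 = success. */
typedef int (*byte_source)(unsigned char *buf, int num);

/* Stand-in source (assumption): the OS CSPRNG, so this builds without libcrypto. */
int urandom_bytes(unsigned char *buf, int num) {
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return 0;
    size_t got = fread(buf, 1, (size_t)num, f);
    fclose(f);
    return got == (size_t)num;
}

/* Constructed sources for checking: one always fails, one replays fixed bytes. */
int failing_bytes(unsigned char *buf, int num) { (void)buf; (void)num; return 0; }
static const unsigned char replay[] = {0x03, 0, 0, 0, 0x8E, 0, 0, 0};
static size_t replay_pos;
int replay_bytes(unsigned char *buf, int num) {
    for (int i = 0; i < num; i++) {
        if (replay_pos >= sizeof replay) return 0;
        buf[i] = replay[replay_pos++];
    }
    return 1;
}

/* Uniform value in [0, bound): 0 on success, -1 if bound is 0 or the source
   fails. A failed source is an error, never a reason to fall back to a weak seed. */
int rng_below(byte_source src, uint32_t bound, uint32_t *out) {
    if (bound == 0) return -1;
    uint32_t threshold = (0u - bound) % bound; /* 2^32 mod bound */
    for (;;) {
        unsigned char b[4];
        if (src(b, (int)sizeof b) != 1) return -1;
        uint32_t x = (uint32_t)b[0] | (uint32_t)b[1] << 8 |
                     (uint32_t)b[2] << 16 | (uint32_t)b[3] << 24;
        if (x >= threshold) { *out = x % bound; return 0; } /* else reject: modulo bias */
    }
}

/* Hypothetical helper: insert a NOP with probability percent/100. */
int should_insert_nop(byte_source src, uint32_t percent, int *insert) {
    uint32_t r;
    if (rng_below(src, 100, &r) != 0) return -1;
    *insert = r < percent;
    return 0;
}

int main(void) { int i; return should_insert_nop(urandom_bytes, 25, &i) ? 1 : 0; }
```

When libcrypto is linked, `RAND_bytes` can be passed directly as the `byte_source` argument, since it has the same signature and returns 1 on success.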