[LLVMdev] Adding diversity for security (and testing)

Stephen Crane sjcrane at uci.edu
Wed Aug 28 14:22:20 PDT 2013


I think others more qualified than myself have sufficiently addressed 
why having a strong (aka crypto-secure) RNG is a good idea, so I will 
leave that. However, I can shed some light on a few of the practical 
concerns of our proposed additions.

On 08/28/2013 10:50 AM, Paul Robinson wrote:
> As for using AES-128, I see buzzword value, but no real technical 
> need.  (No question that "crypto == good" syndrome comes into play 
> here; it's rare that you have to defend using crypto even if it isn't 
> warranted.  Until you run into a cranky-pants like me!)  In any case 
> you need a fallback for when OpenSSL isn't available.  I'm not 
> claiming what LLVM has now is adequate for you (looks like it uses 
> rand(2)) but AES-128 seems like overkill. (I've lost track of the 
> general crypto-export-control state of things, but just a reminder 
> that LLVM avoids anything that could possibly be export-controlled.)

We do provide a fall-back (currently a simple LCG) if linking against 
OpenSSL is undesirable in some circumstances. The crypto export battle 
is basically over, and all Linux distributions and (so far) OS X ship 
OpenSSL. OpenSSL binary packages are also available for building on Windows.

- stephen


