[LLVMdev] Adding diversity for security (and testing)
Stephen Crane
sjcrane at uci.edu
Wed Aug 28 14:22:20 PDT 2013
I think others more qualified than myself have sufficiently addressed
why having a strong (aka crypto-secure) RNG is a good idea, so I will
leave that. However, I can shed some light on a few of the practical
concerns of our proposed additions.

On 08/28/2013 10:50 AM, Paul Robinson wrote:
> As for using AES-128, I see buzzword value, but no real technical
> need. (No question that "crypto == good" syndrome comes into play
> here; it's rare that you have to defend using crypto even if it isn't
> warranted. Until you run into a cranky-pants like me!) In any case
> you need a fallback for when OpenSSL isn't available. I'm not
> claiming what LLVM has now is adequate for you (looks like it uses
> rand(2)) but AES-128 seems like overkill. (I've lost track of the
> general crypto-export-control state of things, but just a reminder
> that LLVM avoids anything that could possibly be export-controlled.)

We do provide a fall-back (currently a simple LCG) if linking against
OpenSSL is undesirable in some circumstances. The crypto export battle
is basically over, and all Linux distributions and (so far) OS X ship
OpenSSL. OpenSSL binary packages are also available for building on Windows.
- stephen