Implement a fast aes-ctr prng
This module is currently implemented to use the same technique as libottery (later used by the BSDs' arc4random replacement), using AES-CTR-256 as its underlying stream cipher. It's backtracking-resistant immediately after each call, and prediction-resistant after a while.

Here's how it works: We generate pseudorandom bytes using AES-CTR-256. We generate BUFLEN bytes at a time. When we do this, we keep the first SEED_LEN bytes as the key and the IV for our next invocation of AES_CTR, and yield the remaining BUFLEN - SEED_LEN bytes to the user as they invoke the PRNG. As we yield bytes to the user, we clear them from the buffer.

Every RESEED_AFTER times we refill the buffer, we mix in an additional SEED_LEN bytes from our strong PRNG into the seed.

If the user ever asks for a huge number of bytes at once, we pull SEED_LEN bytes from the PRNG and use them with our stream cipher to fill the user's request.
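As an added illustration, not Tor's crypto_rand_fast.c nor libottery's code, here is a small Python model of the buffer discipline the commit message describes: each refill holds back the first SEED_LEN bytes as the next key+IV, hands out the rest while zeroing them, folds in strong entropy every RESEED_AFTER refills, and serves oversized requests by keying the cipher directly. SHAKE-256 stands in for AES-CTR-256 so that the example runs with the standard library alone; the values of BUFLEN and RESEED_AFTER are constructed, and reading "pull SEED_LEN bytes from the PRNG" as drawing them from this generator's own buffered output is an assumption.

```python
import hashlib
import os

# Sizes follow the commit message's description. The concrete values of
# BUFLEN and RESEED_AFTER are constructed for this example, not Tor's.
KEY_LEN = 32                      # AES-256 key
IV_LEN = 16                       # AES-CTR IV (one block)
SEED_LEN = KEY_LEN + IV_LEN       # bytes held back from each refill
BUFLEN = 1024                     # bytes generated per refill
RESEED_AFTER = 16                 # refills between entropy injections


def stream_cipher(seed: bytes, n: int) -> bytes:
    """Stand-in for AES-CTR-256 keyed with seed = key || IV.

    SHAKE-256 is used only so the example runs without a crypto library;
    the buffer logic below does not depend on which stream cipher is used.
    """
    return hashlib.shake_256(seed).digest(n)


class FastRng:
    """Buffered, backtracking-resistant PRNG in the libottery style."""

    def __init__(self, strong_rng=os.urandom):
        self._strong = strong_rng          # e.g. os.urandom, or a test stub
        self._seed = bytearray(strong_rng(SEED_LEN))
        self._buf = bytearray()            # bytes not yet handed out
        self.refills = 0
        self.reseeds = 0

    def _refill(self) -> None:
        self.refills += 1
        if self.refills % RESEED_AFTER == 0:
            # Prediction resistance: fold fresh strong entropy into the seed.
            fresh = self._strong(SEED_LEN)
            for i in range(SEED_LEN):
                self._seed[i] ^= fresh[i]
            self.reseeds += 1
        out = bytearray(stream_cipher(bytes(self._seed), BUFLEN))
        # Backtracking resistance: the first SEED_LEN bytes become the
        # key+IV for the next refill and are never given to the caller,
        # so an attacker who learns the state later cannot rewind it.
        self._seed[:] = out[:SEED_LEN]
        self._buf = out[SEED_LEN:]
        for i in range(SEED_LEN):          # wipe the copied key material
            out[i] = 0

    def get_bytes(self, n: int) -> bytes:
        # Huge request: do not drain the buffer; take SEED_LEN bytes via
        # the normal path and run the cipher directly to fill the request.
        if n >= BUFLEN - SEED_LEN:
            one_shot_seed = self.get_bytes(SEED_LEN)
            return stream_cipher(one_shot_seed, n)
        result = bytearray()
        while n > 0:
            if not self._buf:
                self._refill()
            k = min(n, len(self._buf))
            result += self._buf[:k]
            for i in range(k):             # clear yielded bytes from the buffer
                self._buf[i] = 0
            del self._buf[:k]
            n -= k
        return bytes(result)


if __name__ == "__main__":
    rng = FastRng()
    print(rng.get_bytes(16).hex(), rng.refills, rng.reseeds)
```

Python cannot guarantee that zeroed buffers leave no copies in memory, which is why the C implementation matters; the point of the model is the state transition, in which the only path from one refill to the next runs forward through the cipher.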
Showing 5 changed files:
- src/lib/crypt_ops/crypto_rand.h: 32 additions, 0 deletions
- src/lib/crypt_ops/crypto_rand_fast.c: 263 additions, 0 deletions
- src/lib/crypt_ops/crypto_rand_numeric.c: 46 additions, 10 deletions
- src/lib/crypt_ops/include.am: 1 addition, 0 deletions
- src/test/test_crypto_rng.c: 117 additions, 0 deletions