[PATCH] Discard 3072 bytes instead of 256 bytes
codarrenvelvindron
codarren at hackers.mu
Sat Mar 18 14:08:13 UTC 2017
As per the recommendations outlined in Network Operations Division
Cryptographic Requirements published on Wikileaks in March 2017.
We discard more bytes of the first keystream
to reduce the possibility of non-random bytes.
Similar to a change in FreeBSD:
https://svnweb.freebsd.org/base?view=revision&revision=315225
Signed-off-by: Codarren Velvindron <codarren at hackers.mu>
---
libc/stdlib/arc4random.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/libc/stdlib/arc4random.c b/libc/stdlib/arc4random.c
index 0013612..4801886 100644
--- a/libc/stdlib/arc4random.c
+++ b/libc/stdlib/arc4random.c
@@ -154,8 +154,11 @@ arc4_stir(struct arc4_stream *as)
/*
* Discard early keystream, as per recommendations in:
* http://www.wisdom.weizmann.ac.il/~itsik/RC4/Papers/Rc4_ksa.ps
+ * As per the Network Operations Division, cryptographic requirements
+ * published on wikileaks on March 2017
*/
- for (n = 0; n < 256; n++)
+
+ for (n = 0; n < 3072; n++)
(void)arc4_getbyte(as);
arc4_count = 1600000;
}
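Review bot: the new `+` line immediately after `*/` adds a stray blank line between the comment block and the `for` loop that the old code did not have; it is an unrelated whitespace change and should be dropped so the hunk is only the `256` to `3072` change. The added comment also cites the "Network Operations Division, cryptographic requirements" document by title only, while the existing line above it cites its source with a URL; please add a URL (or the FreeBSD revision link from the commit message) so a later reader can check the recommendation, and match the capitalisation of "Wikileaks" with the commit message. Consider naming the discard length, e.g. `#define ARC4_DISCARD_BYTES 3072` used as `for (n = 0; n < ARC4_DISCARD_BYTES; n++)`, since the value now carries a documented rationale. Note for reviewers that this makes each `arc4_stir()` twelve times more expensive in discarded keystream while `arc4_count = 1600000` (the reseed interval) is unchanged, which is the intended trade-off per the commit message and acceptable.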
--
2.7.4