From: Benjamin Kaduk
To: Mateusz Guzik
Cc: freebsd-security@freebsd.org
Date: Sat, 19 Jul 2014 17:07:55 -0400 (EDT)
Subject: Re: Speed and security of /dev/urandom
In-Reply-To: <20140719210534.GA4630@dft-labs.eu>

On Sat, 19 Jul 2014, Mateusz Guzik wrote:

> I believe the idea here is to have reliable source for reseeding after
> fork.

I don't think that's quite right; there are issues in reliably detecting that fork has occurred and a reseed performed. Always getting random bits from the kernel avoids the need to detect fork.

-Ben
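
Added illustration, not part of the original message or of FreeBSD's code: the C program below shows the failure mode the reply is concerned with. A generator whose state lives in process memory is copied by fork(), so parent and child draw the same value unless a reseed happens, while a read from /dev/urandom on every request needs no fork detection. The xorshift64 generator and the names fork_outputs_match, userland_next and kernel_next are assumptions made for the example.

```c
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical userland generator: xorshift64 stands in for any PRNG
 * whose state lives in process memory (not a cryptographic design). */
static uint64_t state;

static uint64_t kernel_next(void) {          /* fresh read from the kernel */
    uint64_t v = 0;
    int fd = open("/dev/urandom", O_RDONLY);
    if (fd < 0 || read(fd, &v, sizeof v) != (ssize_t)sizeof v) _exit(2);
    close(fd);
    return v;
}

static uint64_t userland_next(void) {        /* advances in-memory state only */
    state ^= state << 13; state ^= state >> 7; state ^= state << 17;
    return state;
}

/* Returns 1 if parent and child draw the same value after one fork, else 0. */
int fork_outputs_match(int use_kernel) {
    int p[2];
    uint64_t child_val = 0, parent_val;
    state = kernel_next() | 1;               /* seed once, before fork */
    if (pipe(p) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                          /* child: inherits a copy of state */
        uint64_t v = use_kernel ? kernel_next() : userland_next();
        _exit(write(p[1], &v, sizeof v) == (ssize_t)sizeof v ? 0 : 1);
    }
    close(p[1]);
    parent_val = use_kernel ? kernel_next() : userland_next();
    ssize_t n = read(p[0], &child_val, sizeof child_val);
    close(p[0]);
    waitpid(pid, NULL, 0);
    if (n != (ssize_t)sizeof child_val) return -1;
    return parent_val == child_val;
}

int main(void) {
    printf("userland state, no reseed: match=%d\n", fork_outputs_match(0));
    printf("kernel read per request:   match=%d\n", fork_outputs_match(1));
    return 0;
}
```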