Home Explore Help
Sign In
oss
/
uclibc-ng
4
1
Fork 0
Files Issues 3 Pull Requests 0 Wiki
Browse Source

Discard 3072 bytes instead of 256 bytes

This follows the recommendations outlined in Network Operations Division
Cryptographic Requirements published on wikileaks on March 2017.
We discard more bytes of the first keystream to reduce possibility of
non-random bytes.
This is similar to a change in FreeBSD:
https://svnweb.freebsd.org/base?view=revision&revision=315225

Signed-off-by: Loganaden Velvindron <logan@hackers.mu>
Loganaden Velvindron 7 years ago
parent
2e4d3492e6
commit
66312a40ab
1 changed files with 4 additions and 3 deletions
Split View Show Diff Stats
  1. 4 3
      libc/stdlib/arc4random.c

+ 4 - 3
libc/stdlib/arc4random.c
View File 

@@ -152,10 +152,11 @@ arc4_stir(struct arc4_stream *as)
 
 	arc4_addrandom(as, rnd, sizeof(rnd));
 
 
 	/*
 
-	 * Discard early keystream, as per recommendations in:
 
-	 * http://www.wisdom.weizmann.ac.il/~itsik/RC4/Papers/Rc4_ksa.ps
 
+	 * Discard early keystream, as per recommendations.
 
+         * Network Operations Division Cryptographic requirements                                                                                    
+         * published on wikileaks on march 2017
 
 	 */
 
-	for (n = 0; n < 256; n++)
 
+	for (n = 0; n < 3072; n++)
 
 		(void)arc4_getbyte(as);
 
 	arc4_count = 1600000;
 
 }