WebKit Bugzilla
NEW
169860
ARC4RandomNumberGenerator should discard 3072 bytes instead of 256 bytes
https://bugs.webkit.org/show_bug.cgi?id=169860
Pirabarlen Cheenaramen
Reported
2017-03-19 09:23:44 PDT
Discard 3072 bytes instead of 256 bytes
Attachments
Discard 3072 bytes instead of 256 bytes (804 bytes, patch), 2017-03-19 09:36 PDT, Pirabarlen Cheenaramen; mark.lam: review-
Pirabarlen Cheenaramen
Comment 1
2017-03-19 09:36:31 PDT
Created attachment 304896: Discard 3072 bytes instead of 256 bytes
Pirabarlen Cheenaramen
Comment 2
2017-03-19 09:38:40 PDT
This follows the recommendations outlined in Network Operations Division Cryptographic Requirements, published on WikiLeaks in March 2017. We discard more bytes of the first keystream to reduce the possibility of non-random bytes.
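Added example, not part of the bug thread and not WebKit's code: a minimal RC4 with a configurable discard, measuring the known bias of the second keystream byte toward zero (about 2/256 instead of 1/256), which is the kind of early-keystream non-randomness Comment 2 refers to. The key size, seed, trial count and all names are assumptions; it compares no discard against a discard, since any difference between 256 and 3072 is too small to measure at this sample size.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <initializer_list>
#include <random>
#include <utility>

// Minimal RC4 (ARC4) keystream generator with an RC4-drop[n] style discard.
struct Rc4 {
    uint8_t s[256];
    uint8_t i = 0, j = 0;

    Rc4(const uint8_t* key, size_t keyLen, size_t discard) {
        for (int k = 0; k < 256; ++k) s[k] = static_cast<uint8_t>(k);
        uint8_t t = 0;
        for (int k = 0; k < 256; ++k) {               // key scheduling (KSA)
            t = static_cast<uint8_t>(t + s[k] + key[k % keyLen]);
            std::swap(s[k], s[t]);
        }
        for (size_t n = 0; n < discard; ++n) next();  // throw away early output
    }

    uint8_t next() {                                  // one PRGA step
        i = static_cast<uint8_t>(i + 1);
        j = static_cast<uint8_t>(j + s[i]);
        std::swap(s[i], s[j]);
        return s[static_cast<uint8_t>(s[i] + s[j])];
    }
};

// Counts how often the second byte produced after the discard is 0x00 across
// `trials` pseudo-random 16-byte keys (fixed seed, constructed test input).
// An unbiased byte would be zero in about trials/256 cases.
unsigned countZeroSecondByte(size_t discard, unsigned trials) {
    std::mt19937 rng(169860);                         // arbitrary fixed seed
    unsigned zeros = 0;
    for (unsigned n = 0; n < trials; ++n) {
        uint8_t key[16];
        for (uint8_t& b : key) b = static_cast<uint8_t>(rng());
        Rc4 rc4(key, sizeof key, discard);
        rc4.next();                                   // first byte, ignored
        if (rc4.next() == 0) ++zeros;                 // second byte
    }
    return zeros;
}

int main() {
    const unsigned trials = 100000;                   // unbiased: about 391 zeros
    for (size_t discard : {size_t(0), size_t(256), size_t(3072)})
        std::printf("discard %4zu: %u zero bytes\n", discard,
                    countZeroSecondByte(discard, trials));
}
```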
Pirabarlen Cheenaramen
Comment 3
2017-03-20 22:54:03 PDT
This change is similar to https://svnweb.freebsd.org/base?view=revision&revision=315225
Mark Lam
Comment 4
2017-03-24 09:41:06 PDT
Comment on attachment 304896: Discard 3072 bytes instead of 256 bytes

Thank you for writing up a patch. I'm not sure I'm knowledgeable enough to review this patch, but for starters, you need to create a ChangeLog entry, and document why you're making this change in there. See https://webkit.org/contributing-code/ for the process.

r- for now because the ChangeLog is missing.
Oliver Hunt
Comment 5
2017-03-27 13:25:45 PDT
I believe the correct thing to do is to just drop rc4 (for which there is a separate patch)
Joseph Pecoraro
Comment 6
2017-06-16 19:21:55 PDT
(In reply to Oliver Hunt from comment #5)
> I believe the correct thing to do is to just drop rc4 (for which there is a
> separate patch)
Did that end up happening? The code in Source/WTF/wtf/CryptographicallyRandomNumber.cpp appears unchanged.