Re: [cryptography] FreeBSD crypto and security meta
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Aloha!

coderman wrote:
> FreeBSD's CSPRNG also allowed for certain stochastic sources, deemed to be high-quality, to directly supply the random(4) device without going through Yarrow. With recent revelations over possible government surveillance and involvement in the selection of these high-quality sources, it is felt that they can no longer be trusted, and must therefore also be processed through Yarrow.

This is imho a really good move. No entropy should go straight from collection to application, but always feed a good CSPRNG. But we also need to be able to (securely) sample the entropy source as well as (securely) inject test data into the CSPRNG. Both of these to be able to observe and test the combined entropy+CSPRNG chain.

> Future work is now going ahead with the implementation of the Fortuna algorithm by Ferguson and Schneier as an upgrade or alternative to Yarrow. Initially a choice will be presented, and decisions on the future of the CSPRNG processing algorithms in use will be made in the future as needs arise.

Nice! FreeBSD ftw. ;-)

-- 
Best regards, Yours
Joachim Strömbergson - Always in harmonic oscillation.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAlJmLQMACgkQZoPr8HT30QHTGwCdFlIDwh6he8QBKZB9RGLk8J6X
7ToAn3X2Mc+efSjHoaQPbxJBMIr1+m+T
=5f0H
-----END PGP SIGNATURE-----
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
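The three properties argued for in the message above (every source, however trusted, is mixed through the CSPRNG; the raw samples can be observed; known samples can be injected so the whole chain is testable) as an added toy illustration. This is not FreeBSD's random(4) code and not a complete Fortuna: the pool schedule is Fortuna's, but there is no entropy accounting, reseeding happens on every request, and HMAC-SHA256 in counter mode stands in for the block cipher. `EntropyChain`, `TEST_EVENTS` and the check functions are constructed for this example.

```python
import hashlib
import hmac


class EntropyChain:
    """Toy Fortuna-style accumulator and generator (added example, not random(4)).

    Every source sample goes into a pool; the only consumer-facing output is
    random_bytes(), so no source feeds applications directly. The tap keeps
    raw samples for source analysis, and add_event() doubles as the test
    injection path: feed known samples and the output is reproducible.
    """

    NUM_POOLS = 32

    def __init__(self):
        self.pools = [hashlib.sha256() for _ in range(self.NUM_POOLS)]
        self.key = bytes(32)      # generator key, replaced at every reseed
        self.counter = 0
        self.reseed_count = 0
        self.tap = []             # (source_id, pool_index, raw_sample) records

    def add_event(self, source_id, data, pool_index):
        """Mix one raw sample into a pool. Assumes source_id < 256, len(data) < 256."""
        data = bytes(data)
        pool = pool_index % self.NUM_POOLS
        self.tap.append((source_id, pool, data))
        # Frame with source id and length so samples from different sources
        # cannot be confused with, or shifted into, one another.
        self.pools[pool].update(bytes([source_id, len(data)]) + data)

    def _reseed(self):
        """Fortuna schedule: pool i joins reseed number n iff 2**i divides n."""
        self.reseed_count += 1
        material = self.key
        for i in range(self.NUM_POOLS):
            if self.reseed_count % (1 << i) != 0:
                break
            material += self.pools[i].digest()
            self.pools[i] = hashlib.sha256()   # a consumed pool starts empty again
        self.key = hashlib.sha256(material).digest()
        self.counter = 0

    def _block(self):
        self.counter += 1
        return hmac.new(self.key, self.counter.to_bytes(16, "little"),
                        hashlib.sha256).digest()

    def random_bytes(self, n):
        """Only consumer-facing output; raw samples are never handed out."""
        self._reseed()            # toy: reseed on every request
        out = b""
        while len(out) < n:
            out += self._block()
        self.key = self._block()  # rekey so earlier output cannot be recovered later
        return out[:n]


# Constructed sample events for testing: (source_id, raw_sample, pool_index).
TEST_EVENTS = [
    (0, b"\x01\x02\x03\x04", 0),
    (1, b"\xaa" * 8, 1),
    (2, b"\x05\x06", 2),
]


def _chain_from(events):
    chain = EntropyChain()
    for source_id, data, pool in events:
        chain.add_event(source_id, data, pool)
    return chain


def known_answer_check():
    """Same injected samples give the same output; a one-bit change changes it."""
    a = _chain_from(TEST_EVENTS)
    b = _chain_from(TEST_EVENTS)
    flipped = [(s, d[:-1] + bytes([d[-1] ^ 1]), p) for s, d, p in TEST_EVENTS]
    c = _chain_from(flipped)
    out_a, out_b, out_c = a.random_bytes(48), b.random_bytes(48), c.random_bytes(48)
    return out_a == out_b and out_a != out_c and len(out_a) == 48


def pool_schedule_check():
    """A change confined to pool 1 is invisible at reseed 1 but visible at reseed 2."""
    a = _chain_from(TEST_EVENTS)
    d = _chain_from(TEST_EVENTS)
    d.add_event(1, b"\xbb", 1)   # extra sample only in pool 1
    first = a.random_bytes(32) == d.random_bytes(32)
    second = a.random_bytes(32) == d.random_bytes(32)
    return first, second


def tap_records(events=TEST_EVENTS):
    """What an observer of the raw sources sees; consumers never get this view."""
    return _chain_from(events).tap
```

`known_answer_check()` is the test-injection path: two chains fed the same constructed samples must agree byte for byte, which is what makes a known-answer test of the collection-plus-CSPRNG chain possible. `pool_schedule_check()` shows why the observation tap matters in a Fortuna design: a sample that lands in a higher pool does not affect output until that pool's turn in the reseed schedule, so a source that looks dead from the output side may be perfectly healthy on the tap.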
[cryptography] FreeBSD crypto and security meta
https://lists.freebsd.org/pipermail/freebsd-security/2013-October/007226.html
http://www.freebsd.org/news/status/report-2013-07-2013-09.html#AES-NI-Improvements-for-GELI
http://www.freebsd.org/news/status/report-2013-07-2013-09.html#Reworking-random(4)
Re: [cryptography] FreeBSD crypto and security meta
On Mon, Oct 21, 2013 at 1:45 PM, grarpamp <grarp...@gmail.com> wrote:
> ...
> http://www.freebsd.org/news/status/report-2013-07-2013-09.html#Reworking-random(4)

the interesting bit:

> FreeBSD's CSPRNG also allowed for certain stochastic sources, deemed to be high-quality, to directly supply the random(4) device without going through Yarrow. With recent revelations over possible government surveillance and involvement in the selection of these high-quality sources, it is felt that they can no longer be trusted, and must therefore also be processed through Yarrow. The matter was discussed at various levels of formality at the Cambridge Developer Summit in August, and at EuroBSDcon 2013 in September. This work is now done, and the random(4) CSPRNG is now brought to a more paranoid, modern standard of distrust with regard to its entropy sources. Infrastructure work was also done to facilitate certain entropy-source choices for the convenience of the system administrators.
>
> Future work is now going ahead with the implementation of the Fortuna algorithm by Ferguson and Schneier as an upgrade or alternative to Yarrow. Initially a choice will be presented, and decisions on the future of the CSPRNG processing algorithms in use will be made in the future as needs arise.
[cryptography] FreeBSD crypto and security meta [was: zfs review 4185 New hash algo]
> Date: Mon, 7 Oct 2013 11:44:57 +0200
> From: Pawel Jakub Dawidek <p...@freebsd.org>
> To: z...@lists.illumos.org
> Subject: Re: [zfs] [Review] 4185 New hash algorithm support
>
> On Mon, Oct 07, 2013 at 12:47:52AM +0100, Saso Kiselkov wrote:
>> Please review what frankly has become a bit of a large-ish feature:
>> http://cr.illumos.org/~webrev/skiselkov/new_hashes/
>> This webrev implements new hash algorithms for ZFS with much improved performance. There are three algorithms included:
>> [...]
>
> Personally I'd love to have an option to use HMAC/SHA256 for example with secret key stored in pool. Currently in our product we put ZFS with SHA256 on top of block-level disk encryption. I'd feel much better to have proper data authentication using HMAC. At some point I may find time to implement that based on your patch.

With recent news renewing broad interest in self/peer examining the security of the entire spectrum of products... has the FreeBSD implementation of GELI/crypto/random published design papers, presentations and reviews? Are these collected centrally for easy reference by the community?

Quick ref:
https://www.freebsd.org/cgi/man.cgi?query=geli
https://www.freebsd.org/cgi/man.cgi?query=crypto&sektion=9
https://www.freebsd.org/cgi/man.cgi?query=crypto&sektion=4
https://www.freebsd.org/cgi/man.cgi?query=random&sektion=4
https://www.freebsd.org/cgi/man.cgi?query=rndtest&sektion=4

Further, and more generally on the higher level meta topics we've seen... How is FreeBSD working with the community regarding possible updates to cipher suites, embedded crypto libraries, and the like? Similarly, how is it approaching the movement towards end-to-end toolchain integrity... from the repository, through deterministic builds, and on out to secure distribution and updates?

This should be viewed not as a pointer but 'While we're on the topic, hey, how are the FreeBSD folks doing' :)

Presumably this subthread could migrate to freebsd lists for those interested in following the details more closely.
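The distinction the quoted ZFS message draws, a plain SHA256 block checksum versus an HMAC/SHA256 under a key kept with the pool, as an added example that is not part of the thread or of ZFS. Both detect accidental corruption; only the keyed variant detects a block that was rewritten together with its checksum slot by someone without the key. The key value and block contents are constructed for the example.

```python
import hashlib
import hmac


def plain_checksum(block):
    """Integrity-only check, as with a pool's SHA256 checksum property."""
    return hashlib.sha256(block).digest()


def keyed_checksum(key, block):
    """Authenticated check: HMAC-SHA256 under a key held by the pool owner."""
    return hmac.new(key, block, hashlib.sha256).digest()


def verify(stored, computed):
    """Constant-time comparison of the stored checksum against a fresh one."""
    return hmac.compare_digest(stored, computed)


def authentication_demo():
    """Exercise both checksum kinds against corruption and against replacement."""
    key = bytes.fromhex("11" * 32)           # constructed; a real key is random and stored in the pool
    block = b"original block contents"
    stored_plain = plain_checksum(block)
    stored_mac = keyed_checksum(key, block)

    corrupted = block[:-1] + b"?"            # bit rot in the data, checksum slot untouched
    replaced = b"replaced block contents"     # data and checksum slot both rewritten, without the key
    replaced_slot = plain_checksum(replaced)  # best a writer without the key can put in the slot

    return {
        # genuine data passes both checks
        "plain_accepts_genuine": verify(stored_plain, plain_checksum(block)),
        "mac_accepts_genuine": verify(stored_mac, keyed_checksum(key, block)),
        # accidental corruption is caught by both
        "plain_detects_corruption": not verify(stored_plain, plain_checksum(corrupted)),
        "mac_detects_corruption": not verify(stored_mac, keyed_checksum(key, corrupted)),
        # a rewritten block with a recomputed slot: anyone can recompute SHA256,
        # nobody can recompute the HMAC without the key
        "plain_accepts_replacement": verify(replaced_slot, plain_checksum(replaced)),
        "mac_accepts_replacement": verify(replaced_slot, keyed_checksum(key, replaced)),
    }
```

The last two entries are the point of the message: with a plain hash the checksum tree only proves that data and checksum are consistent with each other, while with an HMAC it also proves that whoever wrote them held the pool key, which is what "proper data authentication" adds on top of block-level encryption.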