Discard 3072 bytes instead of 256 bytes

Message ID 20170318140813.GA8925@codarren-MS-7758
State New

Commit Message

Codarren Velvindron March 18, 2017, 2:08 p.m. UTC
As per the recommendations outlined in Network Operations Division
Cryptographic Requirements published on Wikileaks in March 2017.
We discard more bytes of the first keystream
to reduce the possibility of non-random bytes.
Similar to a change in FreeBSD:
https://svnweb.freebsd.org/base?view=revision&revision=315225

Signed-off-by: Codarren Velvindron <codarren@hackers.mu>
---
 libc/stdlib/arc4random.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
Patch

diff --git a/libc/stdlib/arc4random.c b/libc/stdlib/arc4random.c
index 0013612..4801886 100644
--- a/libc/stdlib/arc4random.c
+++ b/libc/stdlib/arc4random.c
@@ -154,8 +154,11 @@  arc4_stir(struct arc4_stream *as)
 	/*
 	 * Discard early keystream, as per recommendations in:
 	 * http://www.wisdom.weizmann.ac.il/~itsik/RC4/Papers/Rc4_ksa.ps
+	 * As per the Network Operations Division, cryptographic requirements
+	 * published on wikileaks on March 2017
 	 */
-	for (n = 0; n < 256; n++)
+
+	for (n = 0; n < 3072; n++)
 		(void)arc4_getbyte(as);
 	arc4_count = 1600000;
 }
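Review bot: the added `+` line before `for (n = 0; n < 3072; n++)` inserts a stray blank line between the comment block and the loop it describes; drop it so the comment stays attached to the loop as in the original. In the new comment lines, the existing citation gives a concrete reference (a URL), while "As per the Network Operations Division, cryptographic requirements published on wikileaks on March 2017" names only a document; give a precise reference (document title and URL, or the FreeBSD revision cited in the commit message) and capitalise "Wikileaks" to match the commit message. The behavioural change itself (discarding 3072 instead of 256 keystream bytes) matches the commit message, and `arc4_count = 1600000;` is left untouched, which is consistent with only changing the initial discard.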