arc4random weakness
Dag-Erling Smørgrav
des at des.no
Sun Mar 19 14:44:00 UTC 2017
Andrey Chernov <ache at freebsd.org> writes:
> Theo kindly explained that zeroing the whole page instead of a single variable
> suits his newest arc4random better, since it clears two structs at once
> (including ChaCha state), making some form of backward secrecy.
Yes, avoiding leaking key material to child processes would be useful
for more than just arc4random.
DES
--
Dag-Erling Smørgrav - des at des.no