Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add secondary pseudo-random number generator #258

Open
wants to merge 5 commits into
base: master
Choose a base branch
from
Open

Add secondary pseudo-random number generator #258

wants to merge 5 commits into from

Conversation

t-bast
Copy link
Member

@t-bast t-bast commented Apr 21, 2021
edited
Loading

In case of catastrophic failures of the OS SecureRandom instance, we add a secondary randomness source that we mix into the random stream.

This is a somewhat weak random source and should not be used on its own, but it doesn't hurt to xor it with the output of SecureRandom.

The runtimeEntropy should be customized for iOS and Android by fetching all kind of random noise available to the application (available memory, process ID, sensor data, network statistics, etc).

Thanks @robbiehanson for the iOS code!

@t-bast t-bast force-pushed the secondary-rng branch 2 times, most recently from 776180a to b469710 Compare April 22, 2021 10:55
@t-bast t-bast marked this pull request as ready for review April 22, 2021 12:10
@t-bast t-bast requested review from robbiehanson and sstone April 22, 2021 12:10
robbiehanson
robbiehanson previously approved these changes Apr 22, 2021
View reviewed changes
PhoenixCrypto/PhoenixCrypto/Classes/NativeWeakRandom.swift Outdated Show resolved Hide resolved
robbiehanson
robbiehanson previously approved these changes Apr 22, 2021
View reviewed changes
@t-bast t-bast mentioned this pull request May 4, 2021
Closed
@t-bast
Fix typo in ShaChain test file
804ea1d
@t-bast
Make SecureRandom private
e89eba5 
We want to ensure the application doesn't access it directly and instead
uses our utility functions that will mix in additional randomness.
@t-bast
Add WeakRandom prng
8a516fa 
In case of catastrophic failures of the SecureRandom instance, we add a
secondary randomness source that we mix into the random stream.

This is a somewhat weak random source and should not be used on its own,
but it doesn't hurt to xor it with the output of SecureRandom.

The `runtimeEntropy` should be customized for iOS and Android.
@t-bast
Add native entropy for iOS
e0aa4be 
Collect some runtime statistics for iOS.
@t-bast
Add native entropy for JVM
6db1ded 
Collect some JVM statistics.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@robbiehanson robbiehanson robbiehanson left review comments

@sstone sstone Awaiting requested review from sstone

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@t-bast @robbiehanson