[Cryptography] Mac OS 10.7.5 Random Numbers
Arnold Reinhold
agr at me.com
Mon Feb 3 00:34:05 EST 2014
Based on the Darwin source code posted at the xnu project, Apple uses the SHA1 version of Yarrow with the 1999 source code from Counterpane essentially unchanged. This give them a 160-bit secret state. An obvious improvement would be to switch to SHA2 or SHA3 with a 256 or 512 bit state, but the Apple source contains this warning:
"THIS FILE IS NEEDED TO PASS FIPS ACCEPTANCE FOR THE RANDOM NUMBER GENERATOR.
IF YOU ALTER IT IN ANY WAY, WE WILL NEED TO GO THOUGH FIPS ACCEPTANCE AGAIN,
AN OPERATION THAT IS VERY EXPENSIVE AND TIME CONSUMING. IN OTHER WORDS,
DON'T MESS WITH THIS FILE."
Arnold Reinhold
More information about the cryptography
mailing list