[Cryptography] Fast-key-erasure RNG and fork()ing
colm at allcosts.net
Tue Jun 26 17:06:27 EDT 2018
On Mon, Jun 25, 2018 at 4:15 PM, John-Mark Gurney <jmg at funkthat.com> wrote:
> The closest platform-independent method is pthread_atfork, but I don't
> know how well that works across various platforms... But you can use
> that to trigger reseeds...
It works and is worth using, but it can be evaded by VMs and other
environments which may call fork()/clone() more directly.
> A great solution is the flag to zero a page on fork...
> OpenBSD, and now FreeBSD, has a flag to zero a page when the process
> forks... This way you store the seed in the page, and check to make
> sure it's not zero, if it is, then you reseed... This has the best
> protection as you will never leak seed material...
> See INHERIT_ZERO in:
Linux has this too now, in the form of MMAP_WIPEONFORK.
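
An added example, not code from this thread: a seed page that combines both mechanisms discussed above, with pthread_atfork as the backup and the kernel wipe as the primary check. On Linux (4.14 and later) the wipe is requested through madvise() with MADV_WIPEONFORK. The names rng_state, rng_init and rng_check_fork are hypothetical.

```c
#define _GNU_SOURCE
#include <pthread.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/random.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical RNG state, kept in its own page so the kernel can wipe it. */
struct rng_state { unsigned long live; unsigned char seed[32]; };
static struct rng_state *st;

static int reseed(void) {
    if (getrandom(st->seed, sizeof st->seed, 0) != (ssize_t)sizeof st->seed)
        return -1;
    st->live = 1;  /* non-zero marker: the seed is valid in this process */
    return 0;
}

/* Backup: runs in the child only when fork() goes through libc. */
static void atfork_child(void) { memset(st, 0, sizeof *st); }

/* 1 = kernel wipes the page on fork, 0 = atfork backup only, -1 = error. */
int rng_init(void) {
    size_t len = (size_t)sysconf(_SC_PAGESIZE);
    int wipe = 0;
    st = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (st == MAP_FAILED) return -1;
#ifdef MADV_WIPEONFORK
    wipe = (madvise(st, len, MADV_WIPEONFORK) == 0);
#endif
    if (pthread_atfork(NULL, NULL, atfork_child) != 0 || reseed() != 0) return -1;
    return wipe;
}

/* Call before producing output. 1 = fork detected and reseeded, 0 = no fork. */
int rng_check_fork(void) {
    if (st->live) return 0;
    return reseed() == 0 ? 1 : -1;
}

int main(void) {
    setvbuf(stdout, NULL, _IONBF, 0);  /* avoid duplicated buffers across fork */
    int wipe = rng_init();
    if (wipe < 0) return 1;
    printf("wipe-on-fork active: %d\n", wipe);
    pid_t pid = fork();
    if (pid == 0) { printf("child reseeded: %d\n", rng_check_fork()); _exit(0); }
    waitpid(pid, NULL, 0);
    printf("parent reseeded: %d\n", rng_check_fork());
    return 0;
}
```

When rng_init() returns 0, only the atfork handler protects the seed, so a child created without going through libc's fork() would inherit it unchanged.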