[16077] in Kerberos_V5_Development
Re: Adding Fortuna as a new prng
daemon@ATHENA.MIT.EDU (Sam Hartman)
Thu Aug 19 09:18:12 2010
From: Sam Hartman <hartmans@mit.edu>
To: Zhanna Tsitkova <tsitkova@mit.edu>
Date: Thu, 19 Aug 2010 09:18:03 -0400
In-Reply-To: <8DD7AD829AB61E499A433D6E558110A3023E184C4A@EXPO7.exchange.mit.edu>
(Zhanna Tsitkova's message of "Wed, 18 Aug 2010 20:30:01 -0400")
Message-ID: <tsl4oeqd9mc.fsf@mit.edu>
Cc: "krbdev@mit.edu" <krbdev@mit.edu>
>>>>> "Zhanna" == Zhanna Tsitkova <tsitkova@MIT.EDU> writes:
Zhanna> 1. Code borrowing. At the moment we know about two open
Zhanna> source implementations of Fortuna in C. One of them is from
Zhanna> libTomCrypt project and another one circulates under
Zhanna> "Copyright (c) Marko Kreen" license. The opinion was
Zhanna> expressed that even though libTomCrypt license does not have
Zhanna> any restrictions, it is somewhat faceless, and consequently
Zhanna> might be an issue for the lawyers. So, perhaps, Marko
Zhanna> Kreen's implementation is a better bid.

I don't understand this point.
Can you please post the license or a link to the license for the code
you plan to include?

Zhanna> 2. Fortuna requires SHA256. At the moment SHA2 is not part
Zhanna> of Kerberos crypto-system. If Kerberos is built with OpenSSL
Zhanna> or NSS cryptography, is it OK to use crypto primitives from
Zhanna> these providers to implement Fortuna and do not support
Zhanna> Fortuna PRNG for the library built with the built-in crypto
Zhanna> backend?

It seems that sha2 implementations are widely available. I think if
you're going to ship a prng it should work with the built-in crypto
unless there's a compelling reason this is a bad idea. Needing to pick
and import a sha2 implementation doesn't seem like one.

Zhanna> 3. Fortuna and Yarrow living together. Some use-cases
Zhanna> indicate that Kerberos library might show better performance
Zhanna> if both PRNG implementations are available at run-time. (For
Zhanna> example, some lightweight client shares libraries with the
Zhanna> server: the former works faster with Yarrow, the latter -
Zhanna> with Fortuna). So, Fortuna and Yarrow should co-exist and
Zhanna> PRNG selection should be a configurable, and pluggable,
Zhanna> feature. This is the plan for the future. As the first step
Zhanna> in Fortuna direction, however, we suggest to take an
Zhanna> approach of one-PRNG-implementation-per-library.

I kind of question the future plan. I consider myself a power user and
couldn't imagine ever wanting to switch PRNGs. I think few Kerberos
users want the complexity of PRNG selection. I've never had to select
the PRNG I use for OpenSSL, Windows, ssh, NSS or the like. Why should I
for Kerberos?

--Sam