logo_kerberos.gif

Difference between revisions of "Projects/Alternative PRNG"

From K5Wiki
Jump to: navigation, search
m (Alternative PRNG moved to Projects/Alternative PRNG: move to Projects)
Line 7: Line 7:
 
== Functional Requirements ==
 
== Functional Requirements ==
   
* Define PRNG implementation during configuration process
 
  +
* Define PRNG implementation during the configuration process. Yarrow-160 PRNG implementation should be the default one. One should use the flag ''--with-prng-algorithm'' to select the desired PRNG algorithm. For example, ''./configure --with-prng-algorithm=fortuna''.
* Implement Fortuna PRNG
+
* Implement Fortuna PRNG.
   
   
== Design ==
+
== Implementation ==
  +
  +
====krb5_prng_provider====
  +
  +
A new type is added to describe PRNG provider:
  +
  +
typedef struct krb5_prng_provider {
  +
char name[8];
  +
krb5_error_code make_octets(krb5_context, krb5_data *);
  +
krb5_error_code add_entropy(krb5_context , unsigned int, const krb5_data *);
  +
int init(void);
  +
void cleanup (void);
  +
}
  +
  +
====Public API====
  +
  +
The public API related to PRNG stays unchanged: ''krb5int_prng_init, krb5_c_random_add_entropy, krb5_c_random_seed, krb5_c_random_make_octets, krb5_c_random_os_entropy''. However, the functional bodies are modified to control the use of the selected PRNG algorithm. The following is the typical example of this update:
  +
  +
#ifdef FORTUNA
  +
const struct krb5_prng_provider *prng = &krb5int_prng_fortuna;
  +
#else
  +
const struct krb5_prng_provider *prng = &krb5int_prng_yarrow;
  +
#endif
  +
  +
int krb5int_prng_init(void)
  +
{
  +
int err = 0;
  +
err = prng->init();
  +
return err;
  +
}
  +
  +
  +
====Fortuna Implementation====
  +
  +
One of the possibilities is to borrow the Fortuna implementation code that circulates under "Copyright (c) Marko Kreen" license. It works well with OpenSSL crypto backend. However, for the ''builtin'' crypto backend one would need to add SHA256 support to the native Kerberos crypto library.
   
   
Line 18: Line 18:
 
# Define the place of PRNG module inside crypto library structure. Adjust build system accordingly.
 
# Define the place of PRNG module inside crypto library structure. Adjust build system accordingly.
 
# Evaluate the existing implementations of Fortuna PRNG. Adapt the appropriate code or implement Fortuna PRNG based on the design doc. This will require SHA2 addition.
 
# Evaluate the existing implementations of Fortuna PRNG. Adapt the appropriate code or implement Fortuna PRNG based on the design doc. This will require SHA2 addition.
# Document basic instructions how to implement and plug in a new PRNG.
+
# Document basic instructions how to implement and plug-in a new PRNG.

Revision as of 23:22, 23 August 2010

This is an early stage project for MIT Kerberos. It is being fleshed out by its proponents. Feel free to help flesh out the details of this project. After the project is ready, it will be presented for review and approval.



Current Kerberos implementation uses Yarrow-160 as a native PRNG. The goal of this project is to simplify the process of adoption of the alternative pseudorandom number generators such as HW accelerators, OS or any other cryptographically secure PRN generators that better suit the particular environment (depending on the type of hardware, system,configuration) and requirements (optimization, FIPS certification etc).


Functional Requirements

  • Define PRNG implementation during the configuration process. Yarrow-160 PRNG implementation should be the default one. One should use the flag --with-prng-algorithm to select the desired PRNG algorithm. For example, ./configure --with-prng-algorithm=fortuna.
  • Implement Fortuna PRNG.


Implementation

krb5_prng_provider

A new type is added to describe PRNG provider:

typedef  struct krb5_prng_provider {
   char name[8];
   krb5_error_code make_octets(krb5_context, krb5_data *);
   krb5_error_code add_entropy(krb5_context , unsigned int, const krb5_data *);
   int init(void);
   void cleanup (void);
}

Public API

The public API related to PRNG stays unchanged: krb5int_prng_init, krb5_c_random_add_entropy, krb5_c_random_seed, krb5_c_random_make_octets, krb5_c_random_os_entropy. However, the functional bodies are modified to control the use of the selected PRNG algorithm. The following is the typical example of this update:

#ifdef FORTUNA
const struct krb5_prng_provider *prng = &krb5int_prng_fortuna;
#else
const struct krb5_prng_provider *prng = &krb5int_prng_yarrow; 
#endif

int krb5int_prng_init(void)
{
   int err = 0;
   err = prng->init();
   return err;
}


Fortuna Implementation

One of the possibilities is to borrow the Fortuna implementation code that circulates under "Copyright (c) Marko Kreen" license. It works well with OpenSSL crypto backend. However, for the builtin crypto backend one would need to add SHA256 support to the native Kerberos crypto library.


Milestones

  1. Define the place of PRNG module inside crypto library structure. Adjust build system accordingly.
  2. Evaluate the existing implementations of Fortuna PRNG. Adapt the appropriate code or implement Fortuna PRNG based on the design doc. This will require SHA2 addition.
  3. Document basic instructions how to implement and plug-in a new PRNG.