Projects/Alternative PRNG
Current Kerberos implementation uses Yarrow-160 as a native PRNG. The goal of this project is to simplify the process of adoption of the alternative pseudorandom number generators such as HW accelerators, OS or any other cryptographically secure PRN generators that better suit the particular environment (depending on the type of hardware, system,configuration) and requirements (optimization, FIPS certification etc).
Contents
Functional Requirements
- Define PRNG implementation during the configuration process. Yarrow-160 PRNG implementation should be the default one. One should use the flag --with-prng-algorithm to select the desired PRNG algorithm. For example, ./configure --with-prng-algorithm=fortuna.
- Implement Fortuna PRNG.
Implementation
krb5_prng_provider
A new type is added to describe PRNG provider:
typedef struct krb5_prng_provider { char name[8]; krb5_error_code make_octets(krb5_context, krb5_data *); krb5_error_code add_entropy(krb5_context , unsigned int, const krb5_data *); int init(void); void cleanup (void); }
Public API
The public API related to PRNG stays unchanged: krb5int_prng_init, krb5_c_random_add_entropy, krb5_c_random_seed, krb5_c_random_make_octets, krb5_c_random_os_entropy. However, the functional bodies are modified to control the use of the selected PRNG algorithm. The following is the typical example of this update:
#ifdef FORTUNA const struct krb5_prng_provider *prng = &krb5int_prng_fortuna; #else const struct krb5_prng_provider *prng = &krb5int_prng_yarrow; #endif int krb5int_prng_init(void) { int err = 0; err = prng->init(); return err; }
Fortuna Implementation
One of the possibilities is to borrow the Fortuna implementation code that circulates under "Copyright (c) Marko Kreen" license. It works well with OpenSSL crypto backend. However, for the builtin crypto backend one would need to add SHA256 support to the native Kerberos crypto library.
Milestones
- Define the place of PRNG module inside crypto library structure. Adjust build system accordingly.
- Evaluate the existing implementations of Fortuna PRNG. Adapt the appropriate code or implement Fortuna PRNG based on the design doc. This will require SHA2 addition.
- Document basic instructions how to implement and plug-in a new PRNG.