[liberationtech] libfortuna fun
Waitman Gobble
uzimac at da3m0n8t3r.com
Fri Jul 19 22:12:50 PDT 2013
On Wed, 17 Jul 2013 22:19:06 -0700 (PDT), Waitman Gobble
<uzimac at da3m0n8t3r.com> wrote:
>
>I've been researching the Fortuna PRNG and found a good implementation
within
>PostgreSQL. I ripped out a big chunk of the code in pgsql/contrib/pgcrypto
and
>turned it into libfortuna. My first tests are positive, seems to work. I'm
>building on FreeBSD, but should work on other BSD/Unix systems. Maybe
>GNU/Linux, not sure, I tend to only build other people's projects on Linux.
>
>At the moment my test program dumps out 1024 fortuna-generated random
numbers.
>But there's a whole swiss army knife of encryption related routines in
>pgcrypto, so it looks to be great fun to tinker with and expand the
library,
>import the rest of the pgcrypto code base. I'm just getting started
>experimenting. Perhaps irrelevant, yet it seems like there's a good
interest
>in encryption in this group, so I thought I'd share.
>
>The library code is at: https://github.com/waitman/libfortuna
>testing 123 programs at: https://github.com/waitman/fortuna-tests
>
>It's mostly unmodified PG code, replacing the PG memory management routines
>with 'native' jemalloc/malloc_np.h. When it seems sane I'll submit a
FreeBSD
>port.
>
There weren't any replies to this, so maybe it's a totally dead/DOA issue, but
I
have seen some people talking about TRNG and PRNG recently.. so somewhat
relevant.. follow-up. anyway, I ran some visual randomness tests using the
MagicWand api and ripped the rngtest program out of rng-tools (Debian
source),
ported it to FreeBSD. So libfortuna passes the FIPS 140-2 tests (according
to
rngtest), and of course that's circa 2001... Anyway today I created a port
and
submitted it, as of r323333 (now) it's in the FreeBSD ports tree if you want
to check it out.
tests, images, docs, source, etc on my personal desktop machine at
https://dx.burplex.com/bin/libfortuna.html
despite it's age, the rngtest tool is possibly a good thing to use on
miniature computing devices. or software/api expirements, if only to get
warm
fuzzies.(?)
i do want to check out sp800-90b as the poster recommended in another
thread.. looks cool. if possible build an even better testing tool.
--
Waitman Gobble
San Jose California USA
+1.5108307875
More information about the liberationtech
mailing list