From owner-svn-doc-all@FreeBSD.ORG Tue Oct 15 08:41:47 2013
Return-Path:
Delivered-To: svn-doc-all@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 75178D11; Tue, 15 Oct 2013 08:41:47 +0000 (UTC) (envelope-from pgj@FreeBSD.org)
Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 62A6E2D1D; Tue, 15 Oct 2013 08:41:47 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.7/8.14.7) with ESMTP id r9F8flpQ037799; Tue, 15 Oct 2013 08:41:47 GMT (envelope-from pgj@svn.freebsd.org)
Received: (from pgj@localhost) by svn.freebsd.org (8.14.7/8.14.5/Submit) id r9F8flOM037796; Tue, 15 Oct 2013 08:41:47 GMT (envelope-from pgj@svn.freebsd.org)
Message-Id: <201310150841.r9F8flOM037796@svn.freebsd.org>
From: Gabor Pali
Date: Tue, 15 Oct 2013 08:41:47 +0000 (UTC)
To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org
Subject: svn commit: r42962 - head/en_US.ISO8859-1/htdocs/news/status
X-SVN-Group: doc-head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-doc-all@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)"
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Tue, 15 Oct 2013 08:41:47 -0000

Author: pgj
Date: Tue Oct 15 08:41:46 2013
New Revision: 42962

URL: http://svnweb.freebsd.org/changeset/doc/42962

Log:
  - Update the random(4) 2013Q3 entry

  Submitted by: markm

Modified:
  head/en_US.ISO8859-1/htdocs/news/status/report-2013-07-2013-09.xml

Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2013-07-2013-09.xml
==============================================================================
--- head/en_US.ISO8859-1/htdocs/news/status/report-2013-07-2013-09.xml Tue Oct 15 00:37:17 2013 (r42961)
+++ head/en_US.ISO8859-1/htdocs/news/status/report-2013-07-2013-09.xml Tue Oct 15 08:41:46 2013 (r42962)
@@ -949,7 +949,7 @@ - Updating <tt>random(4)</tt> + Reworking <tt>random(4)</tt> @@ -978,16 +978,55 @@ -

Update of random(4) to account for recent revelations, - and make more extensible, is in progress.

+

Random numbers require a lot more thought and preparation that + would naively appear to be the case. For simulations, number + sequences that are repeatable but sufficiently disordered are + often what is required to achieve required experimental + duplication ability, and many programmers are familiar with + these. For cryptography, it is essential that an attacker not + be able to predict or guess the output sequence, thus giving a + source of security-critical secret material for uses such as + passwords or "key material".

+ +

&os;'s random number generator, available as the pseudo-file + /dev/random produces unpredictable numbers intended for + cryptographic use, and is thus a Cryptograpically-Secured + Pseudo-Random Number Generator, or CSPRNG. The security is + given by careful design of the output generator (based on a + block cipher) and input entropy accumulation queues. The latter + uses hashes to accumulate stochastic information harvested from + various places in the kernel to provide highly unpredictable + input to the generator. The algorithm for doing this, Yarrow, + by Schneier et al, may be found by web search.

+ +

&os;'s CSPRNG also allowed for certain stochastic sources, + deemed to be "high-quality", to directly supply the + random(4) device without going through Yarrow. With + recent revelations over possible government surveillance and + involvement in the selection of these "high-quality" sources, it + is felt that they can no longer be trusted, and must therefore + also be processed though Yarrow.

+ +

The matter was discussed at various levels of formality at the + Cambridge Developer Summit in August, and at EuroBSDcon 2013 in + September.

+ +

This work is now done, and the random(4) CSPRNG is now + brought to a more paranoid, modern standard of distrust with + regard to its entropy sources. Infrastructure work was also + done to facilitate certain entropy-source choices for the + convenience of the system administrators.

+ +

Future work is now going ahead with the implementation of the + Fortuna algorithm by Ferguson and Schneier as an upgrade or + alternative to Yarrow. Initially a choice will be presented, + and decisions on the future of the CSPRNG processing algorithms + in use will be made in the future as needs arise.

- Fortuna is to be an alternative for Yarrow in FreeBSD 11.x. - Yarrow may be deprecated in a couple of years. - FIPS 800-90b support is planned. - A full, in-depth review of entropy is going to be done with - external help. + Implement FIPS 800-90b support. + A full, in-depth review of entropy.
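Review bot: in the second hunk (the -978,16 +978,55 body), the new task item "Implement FIPS 800-90b support" names the wrong document series; the entropy-source recommendation is NIST SP 800-90B, there is no FIPS 800-90B, so this should read "Implement NIST SP 800-90B support" (the removed line had the same slip, so this is the moment to fix it). The same hunk also removes the only statements of scope and timeline from the task list: "Fortuna is to be an alternative for Yarrow in FreeBSD 11.x", "Yarrow may be deprecated in a couple of years" and the "with external help" qualifier on the entropy review are all dropped while the prose above still promises Fortuna as an alternative "initially"; if those plans still hold, keep the items, and if they were dropped on purpose, say so in the log. Three typos in the added paragraphs will otherwise ship in the published report: "preparation that would naively appear" should be "preparation than would naively appear", "Cryptograpically-Secured Pseudo-Random Number Generator" should be "Cryptographically-Secure Pseudo-Random Number Generator", and "processed though Yarrow" should be "processed through Yarrow". Finally, "The algorithm for doing this, Yarrow, by Schneier et al, may be found by web search" would serve readers better as a reference: Kelsey, Schneier and Ferguson, "Yarrow-160: Notes on the Design and Analysis of the Yarrow Cryptographic Pseudorandom Number Generator" (SAC 1999); likewise Fortuna is described in Ferguson and Schneier, "Practical Cryptography" (2003).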