On Sat, 21 May 2022 11:49:47 +0200 Morten Brørup <m...@smartsharesystems.com> wrote:
> > Also, worth considering dropping DPDK random number generator
> > in userspace for security reasons and just using more secure kernel
> > code.
>
> Absolutely not! We need a fast pseudorandom number generator in DPDK.
>
> If anything, we could consider renaming the functions and header file to
> reflect that they are pseudorandom number generators, and not
> (cryptographically) random generators. That would cause an API/ABI breakage,
> so it's probably not going to happen. ;-)

The Linux kernel has received way more attention on random numbers than DPDK.
If you follow the history, what happens is that a simple dumb LCG or similar
random number generator gets invented, and then gets used for lots of things
that people don't think need a strong generator. Followed by DoS and other
attacks where the weak random number generator is broken when used for doing
things like creating sequence numbers of TCP port assignment. This is then
followed by even more work on the kernel random number generator to make the
default random number generator stronger.

I bring up this history, so that DPDK won't have to repeat it.
Right now the DPDK random number generator is insecure because it uses a long
but weak PRNG and never reseeds itself.

See:
https://lwn.net/Articles/884875/

There is also FIPS to consider.
https://lwn.net/Articles/877607/

Since random number generators are hard, prefer that someone else do it :-)
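
An added example, not part of the original message and not DPDK code: one way on Linux to draw security-sensitive values, such as the TCP source ports mentioned above, from the kernel generator via getrandom(2) instead of a userspace PRNG. The helper names csprng_fill, csprng_uniform and pick_source_port are hypothetical.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <sys/random.h>
#include <sys/types.h>

/* Fill buf with len bytes from the kernel CSPRNG; 0 on success, -1 on error. */
static int csprng_fill(void *buf, size_t len)
{
    uint8_t *p = buf;

    while (len > 0) {
        ssize_t n = getrandom(p, len, 0);
        if (n < 0) {
            if (errno == EINTR)
                continue;       /* interrupted by a signal: retry */
            return -1;          /* caller must fail closed, not fall back */
        }
        p += n;                 /* large requests may return short */
        len -= (size_t)n;
    }
    return 0;
}

/* Uniform value in [0, bound) without modulo bias (rejection sampling). */
static int csprng_uniform(uint32_t bound, uint32_t *out)
{
    uint32_t r, min;

    if (bound == 0)
        return -1;
    min = (uint32_t)(-bound) % bound;   /* 2^32 mod bound */
    do {
        if (csprng_fill(&r, sizeof(r)) != 0)
            return -1;
    } while (r < min);                  /* reject the biased low range */
    *out = r % bound;
    return 0;
}

/* Hypothetical helper: pick a source port in the inclusive range [lo, hi]. */
static int pick_source_port(uint16_t lo, uint16_t hi, uint16_t *port)
{
    uint32_t off;

    if (lo > hi || csprng_uniform((uint32_t)hi - lo + 1, &off) != 0)
        return -1;
    *port = (uint16_t)(lo + off);
    return 0;
}
```

This costs a system call per draw, so it suits values an attacker must not predict; it is not a replacement for a fast per-packet generator on the data path.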