[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: Entropy in the implementation of Lua
- From: Roberto Ierusalimschy <roberto@...>
- Date: Wed, 15 Mar 2023 15:30:42 -0300
> I know that randomness is a Huge topic, but my point is perhaps a bit
> simpler. Could we tweak the Lua implementation to offer a single
> PreProcessor protected source of "unsigned int" sized entropy, that by
> default could use "time(NULL)" (among others) but for which ports to other
> platforms might provide an alternative source of entropy. This function
> would replace "luai_makeseed" and "l_randomisePivot" and could be used by
> "randseed" instead of "time(NULL)". It would also mean that there would be
> no loss of entropy if the C functions supported on the platform only
> returned the error code -1.
It makes a lot of sense to unify those three functions, but there is
an arquitectural problem. Because the kernel needs it, the function
should be implemented inside the kernel, but it seems weird to have
it in the C API so that the libraries could use it too. (It is a
"service" completely unrelated to Lua itself.) An alternative would
be for Lua to receive this seed as an extra parameter to lua_newstate,
and then to implement this function in the auxiliary library.
> My unlikely worst-case-scenario is that lua's table.sort function is
> called, during which it repeatedly calls "l_randomizePivot" to provide
> alternative pivot points, but which keep returning the same value because
> "time" and "clock" are both returning -1.
That should not be a problem. That use of l_randomizePivot is relevant
only when the input to 'sort' is engineered for bad performance. Usually,
one random pivot is enough to break an "attack".
-- Roberto
