From: anonymous@extropia.wimsey.com
Date: Sun, 10 Apr 94 23:06:59 PDT
To: cypherpunks@toad.com
Subject: Code review is requested.
Message-ID: <199404110553.AA00997@xtropia>
MIME-Version: 1.0
Content-Type: text/plain


Cypherpunks review code!

I have written a hack to allow pgp's random.h and random.c to be used
with a hardware random number generator. I have mailed this to a
number of U.S. cypherpunks with the request that the hack be
distributed widely in the U.S.

jim.wenzel@grapevine.lrk.ar.us (Jim Wenzel) has chosen to post this
hack on alt.security.pgp and it is consequently widely available.  The
post was titled "Questionable PGP Patch 01".

jim.wenzel@grapevine.lrk.ar.us (Jim Wenzel) has suggested the
possibility that my hack may contain a deliberate bug. I Quote:

>
>Below is a message that I received concerning a patch for PGP. As the 
>author did not sign the message and it is from an unknown origin I do 
>not recommend performing the patch. I post it here primarily so those 
>of interest can let those of us who are 'technoligically challenged' 
>know if it is legit or is someone trying to install a 'bug' into PGP. I 
>have omitted posting the header information in hopes that the original 
>author will post me.  
>
>*********************************************************************
>Forwarded message follows...
>***   I DO NOT VOUCH FOR THIS PATCH
>***   I DO NOT KNOW WHO THIS PATCH IS FROM
>***   (it was sent via an anonymous remailer)
>***   I DO NOT SUGGEST USING THIS PATCH
>***   <other standard disclaimers as they may be needed>
>*********************************************************************
>

I would like to note that this hack can only be used by those that
actually have a hardware RNG. But the code is "IFDEF"ed so that it
does not actually enable RNG support unless it is requested to do so
by "DEFINE"s.

I would like to assure everyone that I did not place any deliberate
bugs in my hack. However, jim.wenzel@grapevine.lrk.ar.us (Jim
Wenzel)'s point is well taken. I may sure that I did not place any
deliberate bugs in the hack, but you can not be without careful code
review.  Also, there is the possibility of bugs caused by programmer
error.

To address these problems, I would like to request that code oriented
Cypherpunks perform a code review of the hack. I have only tested the
hack under OS/2 and the MS-DOS program loader.

I have already noted the following possibilities for improvement:

1) The versions of the hack that use an operating system IO driver
(RANDDRIVER) test that the driver was successfully opened. However if
the hack is compiled to directly access a bus hardware RNG thru its IO
port (HARDRANDOM) the hack does not do any test to assure that the RNG
is actually there. I believe that if you attempt to read a port that
is not supported by hardware you always get -1, which is not very
random. Thus there is the problem that some one could attempt to use a
version of pgp that was originally compiled for a machine with a RNG
on a machine without a RNG. If they did this they could inadvertently
created very breakable ciphers! Perhaps some enterprising cypherpunk
could add code to do minimal randomness checks on the RNG when it is
first used, to test that the RNG is actually there.



2)
Stichting FREMM
Alexanderkade 1
1018 CH Amsterdam
The Netherlands

sells a RNG that attaches directly to a serial port. Perhaps such a
RNG could be used in connection with my hack using the (RANDDRIVER)
option and the operating system's interface to the serial
port. However I have provided no options for setting the baudrate,
flow control options and other parameters that should be set when
opening a connection to a serial port. I do not know the proper values
for these parameters and I do not have a device to test with. Perhaps
some cypherpunk will volunteer to write such code. It should be
"IFDEF"ed. Also FOSSIL support for the PC world springs to mind. Such
code is always highly operating system dependent. Different code could
be written for each operating system supported by PGP for a hardware
RNG connected to a serial port.



3) There may be other RNG's in existence which are accessed in a
different way, or have different IO drivers. If you have knowledge of
such RNG's please post the info to the cypherpunks mailing list.




In summary, I would like to request that code oriented cypherpunks do
a code review of my hack to support hardware RNG's using random.h and
random.c. Results may be posted on the cypherpunks mailing list.

Since the hack has been posted to alt.security.pgp, the hack is
available globally. Someone outside the U.S. should uudecode the hack
and place it on some FTP site somewhere where it can be publicly
available.

After the code has been reviewed and corrected if necessary, it could
be included in the next source code release of PGP.

Yours in anonymity
XXX