[gnutls-devel] lock-free random generator
Niels Möller
nisse at lysator.liu.se
Sun Feb 19 19:17:14 CET 2017
Nikos Mavrogiannopoulos <n.mavrogiannopoulos at gmail.com> writes:
> Currently gnutls provides a "central" random generator based on yarrow
> (for keys) and salsa20 (for nonces) primitives, and it is thread safe
> by utilizing mutexes over it. An application that has more than
> 100-200 threads is most likely to spend more time in synchronization
> rather than the random generator itself. A solution to that would be
> to provide a thread-local random generator which will work lock-free,
> at the cost of additional memory per-thread -around 600-700 bytes for
> the current generator-.
Would it make sense to handle the two cases differently, with a
thread-local nonce-generator, but stick to a global key-generator
protected by a mutex?
I imagine there are a lot more calls for nonces than for keys?
For the yarrow reseed logic, I think it may be preferable with a global
instance.
Regards,
/Niels
--
Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677.
Internet email is subject to wholesale government surveillance.
More information about the Gnutls-devel
mailing list