[gnutls-devel] lock-free random generator

Niels Möller nisse at lysator.liu.se
Sun Feb 19 19:17:14 CET 2017

Nikos Mavrogiannopoulos <n.mavrogiannopoulos at gmail.com> writes:

> Currently gnutls provides a "central" random generator based on yarrow
> (for keys) and salsa20 (for nonces) primitives, and it is thread safe
> by utilizing mutexes over it. An application that has more than
> 100-200 threads is most likely to spend more time in synchronization
> rather than the random generator itself. A solution to that would be
> to provide a thread-local random generator which will work lock-free,
> at the cost of additional memory per-thread -around 600-700 bytes for
> the current generator-.

Would it make sense to handle the two cases differently, with a
thread-local nonce-generator, but stick to a global key-generator
protected by a mutex?

I imagine there are a lot more calls for nonces than for keys?

For the yarrow reseed logic, I think it may be preferable with a global


Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677.
Internet email is subject to wholesale government surveillance.
