lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20140921175515.GA30646@thunk.org>
Date:	Sun, 21 Sep 2014 13:55:15 -0400
From:	Theodore Ts'o <tytso@....edu>
To:	George Spelvin <linux@...izon.com>
Cc:	linux-ext4@...r.kernel.org
Subject: Re: [RFC] mke2fs -E hash_alg=siphash: any interest?

On Sun, Sep 21, 2014 at 05:53:39AM -0400, George Spelvin wrote:
> 
> Basically, it offers security similar to teahash with a faster, and better
> studied, primitive designed specifically for this application.
> 
> I'm thinking of turning this into a patch for ext2utils and fs/ext4.
> 
> Could I ask what the general level of interest is?  On a scale of "hell,
> no, not more support burden!" to "thank you, I've been meaning to find
> time to add that!"

I'm certainly not against adding a new hash function.  The reality is
that it would be quite a while before we could turn it on by default,
because of the backwards compatibility concerns.

The question I would ask is whether we can show an anctual performance
improvement with the hash being used in situ.  Let's give it the best
possible chance of making a difference; let's assume a RAM disk with a
very metadata intensive benchmark, with journalling turned off.  What
sort of difference would we see, either in terms of system CPU time,
wall clock time, etc.?

The results of such a benchmark would certainly make a difference in
how aggressively we might try to phase in a new hash algorithm.

Cheers,

					- Ted
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ