[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <alpine.LFD.2.01.0905160911400.3301@localhost.localdomain>
Date: Sat, 16 May 2009 09:17:25 -0700 (PDT)
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Oliver Neukum <oliver@...kum.org>
cc: security@...nel.org, Linux@...a.kernel.org,
Andrew Morton <akpm@...ux-foundation.org>,
James Morris <jmorris@...ei.org>, de Ven <arjan@...radead.org>,
Roland McGrath <roland@...hat.com>,
List <linux-kernel@...r.kernel.org>, Arjan@...a.kernel.org,
stable@...nel.org, Dave Jones <davej@...hat.com>,
linux-security-module@...r.kernel.org, mingo@...hat.com,
Eric Paris <eparis@...hat.com>, Matt Mackall <mpm@...enic.com>,
Alan@...a.kernel.org, Jake Edge <jake@....net>,
Cox <alan@...rguk.ukuu.org.uk>,
"Eric W. Biederman" <ebiederm@...ssion.com>
Subject: Re: [Security] [patch] random: make get_random_int() more random
On Sat, 16 May 2009, Linus Torvalds wrote:
>
> So "one of X known functions" does not help
Side note - here the keyword is "X known functions". If the function
simply isn't known at all, you've now made it harder by a _much_ higher
factor. If the function is any good (ie doesn't leave any patterns to
guess what function it is), you really basically have to first solve that
independent problem.
And the space of possible functions is pretty damn large, even if you
start with some assumption ("some combination of known good cryptographic
hashes + some unknown seeding algorithm and data").
So practically speaking, nobody ever cracks those things without somehow
decoding the function itself (through doing something like disassembling
obfuscated code).
Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists