lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CA+55aFwdA_6W1GZZG76wVvmDQnEMj3hYBt6Md7GcFE02OkqiVA@mail.gmail.com>
Date:	Sat, 30 Jul 2011 14:29:38 -1000
From:	Linus Torvalds <torvalds@...ux-foundation.org>
To:	George Spelvin <linux@...izon.com>
Cc:	linux-kernel@...r.kernel.org, mpm@...enic.com, tytso@....edu
Subject: Re: [PATCH 1/2] random: Add support for architectural random hooks

On Sat, Jul 30, 2011 at 1:46 PM, George Spelvin <linux@...izon.com> wrote:
>
> I agree with your second paragraph, but disagree violently with your
> first: Intel provide no way to test their RNG, and the AES-based whitener
> makes it completely private and UNtestable.

Umm.

Guys, if your argument is that you cannot possibly distinguish the
Intel implementation from "true" randomness, then WHAT THE HELL are
you complaining about?

We don't even care. "True randomness" and "something we cannot
possibly even test and distinguish from true randomess" are 100%
equivalent. Stop with the idiotic "we cannot test it" crap. If it
really is indistinguishable from true randomness, nobody will ever
care.

It's that simple. Really.

And if somebody ever figures out that Intel flubbed, and you actually
*can* tell it from true randomness, even then, what's the downside? It
will be practically random anyway, and we'll be mixing it up some
more.

Seriously. This whole discussion just makes me convinced that security
people are so far removed from reality that it's not even relevant any
more.

            Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ