| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CACXcFm=jK=DuzaJFwEBK58wYJ96PSS317uOtc5BieXwjy4oVnQ@mail.gmail.com> Date: Mon, 14 Oct 2013 17:33:13 -0400 From: Sandy Harris <sandyinchina@...il.com> To: Stephan Mueller <smueller@...onox.de> Cc: "Theodore Ts'o" <tytso@....edu>, LKML <linux-kernel@...r.kernel.org>, linux-crypto@...r.kernel.org Subject: Re: [PATCH] CPU Jitter RNG: inclusion into kernel crypto API and /dev/random Stephan Mueller <smueller@...onox.de> wrote: > [quoting me] >> ...your code is basically, with 64-bit x: >> >> for( i=0, x = 0 ; i < 64; i++, x =rotl(x) ) >> x |= bit() > > Why not declare some 64-bit constant C with a significant >>number of bits set and do this: >> >> for( i=0, x = 0 ; i < 64; i++, x =rotl(x) ) // same loop control >> if( bit() ) x ^= C ; >> >>This makes every output bit depend on many input bits >>and costs almost nothing extra. > Ok, let me play a bit with that. Maybe I can add another flag to the > allocation function so that the caller can decide whether to use that. > If the user is another RNG, you skip that mixing function, otherwise you > should take it. I'd say just do it. It is cheap enough and using it does no harm even where it is not strictly needed. Adding a flag just gives the calling code a chance to get it wrong. Better not to take that risk if you don't have to. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists