| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CACXcFm=ysn15Lh9Exeo8nKEAuBoZ7pB3eDesL_P_Ne3Kaxcunw@mail.gmail.com> Date: Fri, 17 Jun 2016 11:26:23 -0400 From: Sandy Harris <sandyinchina@...il.com> To: David Jaša <djasa@...hat.com> Cc: Stephan Mueller <smueller@...onox.de>, Andi Kleen <andi@...stfloor.org>, Jason Cooper <cryptography@...edaemon.net>, John Denker <jsd@...n.com>, "H. Peter Anvin" <hpa@...ux.intel.com>, Joe Perches <joe@...ches.com>, Pavel Machek <pavel@....cz>, George Spelvin <linux@...izon.com>, linux-crypto@...r.kernel.org, LKML <linux-kernel@...r.kernel.org> Subject: Re: [PATCH v4 0/5] /dev/random - a new approach David Jaša <djasa@...hat.com> wrote: > > BTW when looking at an old BSI's issue with Linux urandom that Jarod > Wilson tried to solve with this series: > https://www.spinics.net/lists/linux-crypto/msg06113.html > I was thinking: > 1) wouldn't it help for large urandom consumers if kernel created a DRBG > instance for each of them? It would likely enhance performance and solve > BSI's concern of predicting what numbers could other urandom consumers > obtain at cost of memory footprint > and then, after reading paper associated with this series: > 2) did you evaluate use of intermediate DRBG fed by primary generator to > instantiate per-node DRBG's? It would allow initialization of all > secondary DRBGs right after primary generator initialization. Theodore Ts'o, the random maintainer, already has a patch that seems to deal with this issue. He has posted more than one version & I'm not sure this is the best or latest, but ... https://lkml.org/lkml/2016/5/30/22
Powered by blists - more mailing lists