[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 13 Dec 2016 00:04:27 +0100
From: "Jason A. Donenfeld" <Jason@...c4.com>
To: Andi Kleen <ak@...ux.intel.com>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>,
"kernel-hardening@...ts.openwall.com"
<kernel-hardening@...ts.openwall.com>,
LKML <linux-kernel@...r.kernel.org>,
Linux Crypto Mailing List <linux-crypto@...r.kernel.org>,
George Spelvin <linux@...izon.com>,
Scott Bauer <sbauer@....utah.edu>,
Andy Lutomirski <luto@...capital.net>,
Greg KH <gregkh@...uxfoundation.org>,
Eric Biggers <ebiggers3@...il.com>,
Jean-Philippe Aumasson <jeanphilippe.aumasson@...il.com>,
"Daniel J . Bernstein" <djb@...yp.to>
Subject: Re: [PATCH v3] siphash: add cryptographically secure hashtable function
On Tue, Dec 13, 2016 at 12:01 AM, Andi Kleen <ak@...ux.intel.com> wrote:
> It would be nice if the network code could be converted to use siphash
> for the secure sequence numbers. Right now it pulls in a lot of code
> for bigger secure hashes just for that, which is a problem for tiny
> kernels.
Indeed this would be a great first candidate. There are lots of places
where MD5 (!!) is pulled in for this sort of thing, when SipHash could
be a faster and leaner replacement (and arguably more secure than
rusty MD5).
Powered by blists - more mailing lists