lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 18 Jul 2018 20:14:07 -0700 From: Kees Cook <keescook@...omium.org> To: Eric Biggers <ebiggers3@...il.com> Cc: Herbert Xu <herbert@...dor.apana.org.au>, Giovanni Cabiddu <giovanni.cabiddu@...el.com>, Arnd Bergmann <arnd@...db.de>, "Gustavo A. R. Silva" <gustavo@...eddedor.com>, Mike Snitzer <snitzer@...hat.com>, Eric Biggers <ebiggers@...gle.com>, qat-linux@...el.com, LKML <linux-kernel@...r.kernel.org>, dm-devel@...hat.com, linux-crypto <linux-crypto@...r.kernel.org>, Lars Persson <larper@...s.com>, Tim Chen <tim.c.chen@...ux.intel.com>, Alasdair Kergon <agk@...hat.com>, Rabin Vincent <rabinv@...s.com> Subject: Re: [dm-devel] [PATCH v5 05/11] crypto: ahash: Remove VLA usage On Tue, Jul 17, 2018 at 4:12 PM, Eric Biggers <ebiggers3@...il.com> wrote: > I just don't see why ahash algorithms would need such a huge maximum digest > size. Don't the 'ahash' algorithms all have 'shash' equivalents too? Is there > actually any hash algorithm, either shash or ahash, in the Linux kernel that has > a digest size greater than 64 bytes (512 bits)? Note that for a real > cryptographic hash there isn't really any need for a digest size larger than > that, since that already gives you 256-bit collision resistance; that's why > SHA-2 and SHA-3 max out at that size. Yup, it certainly looks that way on investigation. I'll adjust both ahash and shash to use the same #define. -Kees -- Kees Cook Pixel Security
Powered by blists - more mailing lists