| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAGXu5jJUeMcVQDTd2JAYFTbTk0DcN84i1-4EOJcvLR9zNgyoOQ@mail.gmail.com>
Date: Wed, 18 Jul 2018 20:14:07 -0700
From: Kees Cook <keescook@...omium.org>
To: Eric Biggers <ebiggers3@...il.com>
Cc: Herbert Xu <herbert@...dor.apana.org.au>,
Giovanni Cabiddu <giovanni.cabiddu@...el.com>,
Arnd Bergmann <arnd@...db.de>,
"Gustavo A. R. Silva" <gustavo@...eddedor.com>,
Mike Snitzer <snitzer@...hat.com>,
Eric Biggers <ebiggers@...gle.com>, qat-linux@...el.com,
LKML <linux-kernel@...r.kernel.org>, dm-devel@...hat.com,
linux-crypto <linux-crypto@...r.kernel.org>,
Lars Persson <larper@...s.com>,
Tim Chen <tim.c.chen@...ux.intel.com>,
Alasdair Kergon <agk@...hat.com>,
Rabin Vincent <rabinv@...s.com>
Subject: Re: [dm-devel] [PATCH v5 05/11] crypto: ahash: Remove VLA usage
On Tue, Jul 17, 2018 at 4:12 PM, Eric Biggers <ebiggers3@...il.com> wrote:
> I just don't see why ahash algorithms would need such a huge maximum digest
> size. Don't the 'ahash' algorithms all have 'shash' equivalents too? Is there
> actually any hash algorithm, either shash or ahash, in the Linux kernel that has
> a digest size greater than 64 bytes (512 bits)? Note that for a real
> cryptographic hash there isn't really any need for a digest size larger than
> that, since that already gives you 256-bit collision resistance; that's why
> SHA-2 and SHA-3 max out at that size.
Yup, it certainly looks that way on investigation. I'll adjust both
ahash and shash to use the same #define.
-Kees
--
Kees Cook
Pixel Security
Powered by blists - more mailing lists