| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1380039015.3165.89.camel@edumazet-glaptop> Date: Tue, 24 Sep 2013 09:10:15 -0700 From: Eric Dumazet <eric.dumazet@...il.com> To: Tom Herbert <therbert@...gle.com> Cc: David Miller <davem@...hat.com>, David Laight <David.Laight@...lab.com>, Linux Netdev List <netdev@...r.kernel.org>, "Brandeburg, Jesse" <jesse.brandeburg@...el.com> Subject: Re: [PATCH 1/2] net: Toeplitz library functions On Tue, 2013-09-24 at 08:54 -0700, Tom Herbert wrote: > The Toeplitz function uses a secret key whose length is based on the > input length. 96 bits in IPv4, 320 bits in IPv6. I don't see how an > attacker can reproduce this if the key is random. If the problem is > that devices are not being configured with a sufficiently random key > (some actually are using a fixed key :-( ), that's a separate issue > that should be addressed. It is possible to DoS attack through the > steering mechanism. Well, your patch would make sense [1] only if we could use hardware assistance, but right now we have no idea of how safe are the existing assistances. [1] Computing Toeplitz in software is way more expensive than jhash. Dos attack is quite simple right now, even without knowing if the target uses or not steering. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists