| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20141207125157.GA9745@gondor.apana.org.au> Date: Sun, 7 Dec 2014 20:51:57 +0800 From: Herbert Xu <herbert@...dor.apana.org.au> To: George Spelvin <linux@...izon.com> Cc: dborkman@...hat.com, hannes@...essinduktion.org, linux-kernel@...r.kernel.org, netdev@...r.kernel.org, tgraf@...g.ch, "David S. Miller" <davem@...emloft.net>, Theodore Ts'o <tytso@....edu> Subject: Re: Where exactly will arch_fast_hash be used On Sun, Dec 07, 2014 at 05:02:52AM -0500, George Spelvin wrote: > > How does this implicate the low bits specifically? If you can easily deduce the pre-images that make the last bit of the hash even or odd, then you've just cut your search space for collisions by half. The real killer is that you can do this without knowing what the secret is. Our entire scheme is dependent on using the secret to defeat would-be attackers. If CRC does not make effective use of the secret, then we're essentially naked against attackers. Cheers, -- Email: Herbert Xu <herbert@...dor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists