lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	7 Dec 2014 08:30:56 -0500
From:	"George Spelvin" <linux@...izon.com>
To:	hannes@...essinduktion.org, linux@...izon.com
Cc:	dborkman@...hat.com, herbert@...dor.apana.org.au,
	linux-kernel@...r.kernel.org, netdev@...r.kernel.org, tgraf@...g.ch
Subject: Re: Where exactly will arch_fast_hash be used

Thanks for the encouragement!

> Please consider xfs, too.
> AFAIK xfs doesn't seed their hashing so far and the hashing function is
> pretty weak. One example:
> http://marc.info/?l=linux-xfs&m=139590613002926&w=2

Is that something that *can* be changed without breaking the
disk format?  SipHash is explicitly *not* designed to be secure as
an unkeyed hash in the way that SHA-type algorithms are.

What it's designed to do is provide second preimage resistance
of its output, or a function (like modular reduction) of its output,
against an attacker who doesn't know the secret seed.

> Ack. If we want to use it in the networking stack we should be able to
> use it without a dependency to the crypto framework.

Already understood.  My big question is whether a single function call
is okay or we need something inlinable.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists