| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 23 Mar 2015 08:34:08 +1100
From: Herbert Xu <herbert@...dor.apana.org.au>
To: David Miller <davem@...emloft.net>
Cc: netdev@...r.kernel.org, roland@...estorage.com
Subject: Re: arp_hash
On Sun, Mar 22, 2015 at 12:54:58PM -0400, David Miller wrote:
> From: Herbert Xu <herbert@...dor.apana.org.au>
> Date: Sun, 22 Mar 2015 22:42:04 +1100
>
> > If the attacker can somehow get the pointer value of the device
> > then all is lost since they could set any number of the low bits
> > of val to zero.
>
> This "attacker" with access to your physcial network?
It could be a malicious local user, or it could be any host
if you are a router.
> I'm all for shifting the device pointer down a few bits to get more
> entropy, but I don't completely agree with the rest of your
> objections.
Granted for IPv4 you're not going to be in big trouble unless
you have a very large network (e.g. /16) configured. But with
IPv6 this could seriously hose your box.
> This hash function has to be as fast as possible, even jhash{,2} is
> too expensive.
So what scales we are talking about, twice, three times? Have you
considered more modern hashes such as SipHash or SpookyHash
(successor to jhash/lookup3 and supposedly faster)?
Cheers,
--
Email: Herbert Xu <herbert@...dor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists