| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 21 Dec 2016 09:08:21 -0800
From: Eric Dumazet <eric.dumazet@...il.com>
To: Rik van Riel <riel@...hat.com>
Cc: kernel-hardening@...ts.openwall.com,
"Jason A. Donenfeld" <Jason@...c4.com>,
George Spelvin <linux@...encehorizons.net>,
Theodore Ts'o <tytso@....edu>, Andi Kleen <ak@...ux.intel.com>,
David Miller <davem@...emloft.net>,
David Laight <David.Laight@...lab.com>,
"Daniel J . Bernstein" <djb@...yp.to>,
Eric Biggers <ebiggers3@...il.com>,
Hannes Frederic Sowa <hannes@...essinduktion.org>,
Jean-Philippe Aumasson <jeanphilippe.aumasson@...il.com>,
Linux Crypto Mailing List <linux-crypto@...r.kernel.org>,
LKML <linux-kernel@...r.kernel.org>,
Andy Lutomirski <luto@...capital.net>,
Netdev <netdev@...r.kernel.org>,
Tom Herbert <tom@...bertland.com>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Vegard Nossum <vegard.nossum@...il.com>
Subject: Re: [kernel-hardening] Re: HalfSipHash Acceptable Usage
On Wed, 2016-12-21 at 11:39 -0500, Rik van Riel wrote:
> Does anybody still have a P4?
>
> If they do, they're probably better off replacing
> it with an Atom. The reduced power bills will pay
> for replacing that P4 within a year or two.
Well, maybe they have millions of units to replace.
>
> In short, I am not sure how important the P4
> performance numbers are, especially if we can
> improve security for everybody else...
Worth adding that the ISN or syncookie generation are less than 10% of
the actual cost of handling a problematic (having to generate ISN or
syncookie) TCP packet anyway.
So we are talking of minors potential impact for '2000-era' cpus.
Definitely I vote for using SipHash in TCP ASAP.
Powered by blists - more mailing lists