Re: [RFC][PATCH] Make cryptoapi non-optional?

From: David Wagner
Date: Mon Aug 11 2003 - 14:30:36 EST

Next message: Rahul Karnik: "Re: Linux [2.6.0-test3/mm1] aic7xxx problems."
Previous message: Pavel Machek: "Re: [PATCH] lirc for 2.5/2.6 kernels - 20030802"
In reply to: Jamie Lokier: "Re: [RFC][PATCH] Make cryptoapi non-optional?"
Next in thread: Jamie Lokier: "Re: [RFC][PATCH] Make cryptoapi non-optional?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jamie Lokier wrote:
>It may be that an attacker knows about a systemic problem with our
>machine that we don't know about. For example the attacker might know
>our pool state well enough shortly after boot time, to have a chance
>at matching a dictionary of 2^32 hashes. The attacker might have had
>a chance to read our disk, which reseeding the pool at boot time does
>not protect against.
>
>With the right algorithm, we can protect against weaknesses of this kind.

How? No matter what we do, the outputs are going to be a deterministic
function of the state of the pool. If the attacker can guess the entire
state of our pool (or narrow it down to 2^32 possibilities), we're screwed,
no matter what. Right?

I must be misunderstanding your point. What am I missing?
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Rahul Karnik: "Re: Linux [2.6.0-test3/mm1] aic7xxx problems."
Previous message: Pavel Machek: "Re: [PATCH] lirc for 2.5/2.6 kernels - 20030802"
In reply to: Jamie Lokier: "Re: [RFC][PATCH] Make cryptoapi non-optional?"
Next in thread: Jamie Lokier: "Re: [RFC][PATCH] Make cryptoapi non-optional?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]