Re: [RFC] AES instead of SHA1 for /dev/urandom

From: Pavel Machek
Date: Tue Jan 01 2013 - 17:50:23 EST

Next message: Samuel Thibault: "[PATCH,staging/speakup] Prefix externally-visible symbols"
Previous message: Alexey Khoroshilov: "Re: [PATCH] p54pci: don't return zero on failure path in p54p_probe()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed 2012-12-12 20:10:16, NeilBrown wrote:
> On Wed, 12 Dec 2012 09:58:16 +0100 OndÅej BÃlka <neleai@xxxxxxxxx> wrote:
>
> > On Wed, Dec 12, 2012 at 01:08:26PM +1100, NeilBrown wrote:
> > > On Wed, 12 Dec 2012 03:03:54 +0100 OndÅej BÃlka <neleai@xxxxxxxxx> wrote:
> > >
> > > > I consider to speed-up /dev/urandom on recent intel processors by
> > > > using hardware aes. Same for accelerated aes crypto.
> > > >
> > > > Would you accept a patch if I wrote it?
> > >
> > > Have you read https://lwn.net/Articles/525459 ?
> > >
> > Yes
> > > In particular the paragraph containing:
> > >
> > > A member of the audience asked why the kernel couldn't just do away with
> > > the existing system and use the HWRNG directly.
> > >
> > > Does that answer your question in any way?
> > >
> > No as AES is a HWRNG about as much as horse is type of automobile.
>
> Yes, of course. Thanks.

Dunno. Some people don't trust HWRNG for various reasons.... (what if
it malfunctions? what if it is backdoored?)

Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Samuel Thibault: "[PATCH,staging/speakup] Prefix externally-visible symbols"
Previous message: Alexey Khoroshilov: "Re: [PATCH] p54pci: don't return zero on failure path in p54p_probe()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]