Re: Using Yarrow in /dev/random

From: Marc Mutz (Marc@Mutz.com)
Date: Mon Sep 11 2000 - 18:47:58 EST


Pravir Chandra wrote:
>
> I've been working to change the implementation of /dev/random over to the
> Yarrow-160a algorithm created by Bruce Schneier and John Kelsey. We've been
> working on parallel development for Linux and NT so that the algorithms are
> matching. The Yarrow 160A algorithm is a variant of Yarrow-160 that has come
> about from discussions with John Kelsey. We've been in contact with him
> throughout our development effort.
>

Why? What's wrong with the current implementation? And more important
still: How well-known is Yarrow160A? I cannot find it in my copy of
[Schneier96], so it is probably not older than four years.

> In any case, this requires use of a hash function (sha1) and a block cipher
> (3des). We were going to do a replacement of /dev/random (it's nearly finished)
> but in retrospect, it seemed that I hadn't looked into the current state of
> incorporating crypto into the kernel. If anyone has any suggestions, comments,
> questions, please email.
>

_Please_ use the crypto api. It provides for a cipher and a digest (hash)
api. sha1 is implemented and functional (AFAICS), but 3des will have to
be converted to use the new api. That is not hard. If it does not fit
your needs, try convincing astor to make changes. It's really time that
the crypto api gets used by more than loopback crypto, esp. now that it
is distributed on ftp.*.kernel.org.

> Also, does anyone have any complaints against incorporating a new /dev/random
> into the kernel?
>

Do you mean /dev/random or /dev/urandom?
<snip>

Marc

-- 
Marc Mutz <Marc@Mutz.com>        http://marc.mutz.com/Encryption-HOWTO/
University of Bielefeld, Dep. of Mathematics / Dep. of Physics

PGP-keyID's: 0xd46ce9ab (RSA), 0x7ae55b9e (DSS/DH)



