Re: [PATCH 7/14] random: Remove SA_SAMPLE_RANDOM from network drivers
From: Theodore Tso
Date: Wed May 24 2006 - 20:08:13 EST
On Thu, May 25, 2006 at 12:47:18AM +0200, Marcin Dalecki wrote:
> Anytime you start to make unquantified assumptions in the context of
> / dev/random the issue turns up that this whole thing is not worth
> the trouble because much simpler approaches will be sufficient
> enough to acomplish what it does. On the other hand you can't
> provide any actual full analysis of it's behaviour - which is just
> *not acceptable* for anybody trully concerned. And this in
> conjunction makes the WHOLE idea behind it questionable.
Nobody can provide any kind of full analysis about whether or not
SHA-2 or AES is secure, either. Does that we mean we just give up and
go home? No, we do the best job we can, with the best information we
have. Sometimes that means we have to make assumptions, but the
entire construction of AES and SHA-2 is based on similar assumptions,
too.
Academics who make "full analysis" generally use as axioms things like
"assume MD5 is secure" or "assume SHA-1 is secure", which are really
fancy assumptions. If we had used a "simpler approaches" based such
axioms we might have been in trouble. So I think some of the analysis
and designs choices that I made in /dev/random is most definitely
worth the trouble.
Regards,
- Ted
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/