Re: [patch] random: make get_random_int() more random
From: Matt Mackall
Date: Wed May 06 2009 - 17:14:41 EST
On Wed, May 06, 2009 at 10:51:45PM +0200, Ingo Molnar wrote:
> Linus's patch is a marked improvement, and it is really what we need
> here mostly.
No one's arguing that it isn't an improvement. But -15 years of
research- points to MD4 (let alone **half**MD4) being insufficient. To
counter that, two non-cryptanalysts have presented nothing beyond "it
seems strong enough to me" and "it passes a meaningless test". Pardon
me if I'm not satisfied by that.
> We cannot afford true physical randomness (it's too expensive to get
> and not all hw has it), and even a 'good' PRNG is pretty expensive.
And what of my suggestion (multiple times now) to replace halfMD4 with
SHA1? Or AES. Or any cryptographic primitive that's not known to be
completely worthless?
--
Mathematics is the supreme nostalgia of our time.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/