[PATCH 4/4] DRBG: HMAC-SHA1 DRBG has crypto strength of 128 bits

From: Stephan Mueller
Date: Tue Jul 01 2014 - 11:11:40 EST

Next message: Stephan Mueller: "[PATCH 3/4] DRBG: fix memory corruption for AES192"
Previous message: Andy Lutomirski: "Re: [PATCH RFC net-next 03/14] bpf: introduce syscall(BPF, ...) and BPF maps"
In reply to: Stephan Mueller: "[PATCH 0/4] DRBG: Fixes for code review comments"
Next in thread: Stephan Mueller: "[PATCH 3/4] DRBG: fix memory corruption for AES192"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The patch corrects the security strength of the HMAC-SHA1 DRBG to 128
bits. This strength defines the size of the seed required for the DRBG.
Thus, the patch lowers the seeding requirement from 256 bits to 128 bits
for HMAC-SHA1.

Signed-off-by: Stephan Mueller <smueller@xxxxxxxxxx>
---
crypto/drbg.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/drbg.c b/crypto/drbg.c
index c2f02b7..e6c52e0 100644
--- a/crypto/drbg.c
+++ b/crypto/drbg.c
@@ -195,7 +195,7 @@ static const struct drbg_core drbg_cores[] = {
#endif /* CONFIG_CRYPTO_DRBG_HASH */
#ifdef CONFIG_CRYPTO_DRBG_HMAC
{
- .flags = DRBG_HMAC | DRBG_STRENGTH256,
+ .flags = DRBG_HMAC | DRBG_STRENGTH128,
.statelen = 20, /* block length of cipher */
.max_addtllen = 35,
.max_bits = 19,
--
1.9.3

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Stephan Mueller: "[PATCH 3/4] DRBG: fix memory corruption for AES192"
Previous message: Andy Lutomirski: "Re: [PATCH RFC net-next 03/14] bpf: introduce syscall(BPF, ...) and BPF maps"
In reply to: Stephan Mueller: "[PATCH 0/4] DRBG: Fixes for code review comments"
Next in thread: Stephan Mueller: "[PATCH 3/4] DRBG: fix memory corruption for AES192"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]