Re: [PATCH v5 1/4] siphash: add cryptographically secure PRF

From: Jason A. Donenfeld
Date: Fri Dec 16 2016 - 17:19:05 EST

Next message: Kees Cook: "Re: [PATCH v4 0/4] Introduce the initify gcc plugin"
Previous message: PaX Team: "Re: [PATCH] latent_entropy: fix ARM build error on earlier gcc"
In reply to: Andy Lutomirski: "Re: [PATCH v5 1/4] siphash: add cryptographically secure PRF"
Next in thread: George Spelvin: "Re: [PATCH v5 1/4] siphash: add cryptographically secure PRF"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Dec 16, 2016 at 11:13 PM, George Spelvin
<linux@xxxxxxxxxxxxxxxxxxx> wrote:
> Remembering that on "real" machines it's full SipHash, then I'd say that
> 64-bit security + rekeying seems reasonable.

64-bit security for an RNG is not reasonable even with rekeying. No no
no. Considering we already have a massive speed-up here with the
secure version, there's zero reason to start weakening the security
because we're trigger happy with our benchmarks. No no no.

Next message: Kees Cook: "Re: [PATCH v4 0/4] Introduce the initify gcc plugin"
Previous message: PaX Team: "Re: [PATCH] latent_entropy: fix ARM build error on earlier gcc"
In reply to: Andy Lutomirski: "Re: [PATCH v5 1/4] siphash: add cryptographically secure PRF"
Next in thread: George Spelvin: "Re: [PATCH v5 1/4] siphash: add cryptographically secure PRF"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]