On Sat, May 06, 2006 at 10:46:39PM -0700, David S. Miller wrote:
> You're just circling around the real issues and trying to be "right"
> and this is what I dislike so much about theoretical people. They
> show you what can be done theoretically, yet never in practice with
> what we really have now.
What you're missing is this:
/dev/random's entropy counting scheme sole reason to exist is to
defend against theoretical future attacks against its cryptographic
primitives. Thus _any_ discussion of its correctness must perforce be
theoretical.
By substituting CRC-16 for SHA1, I've simply brought the future
attack we're concerned about to today.
As I said at the beginning of this thread, I'm perfectly happy to
continue taking samples from network devices. My concerns are entirely
with how we account their entropy, which is strictly in the realm of
theory to start with.
I will instead change the entropy estimator to be more conservative
and to note the presence of high resolution clocks so that we can feed
it garbage more safely.
--
Mathematics is the supreme nostalgia of our time.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
