Re: DRBG seeding

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Apr 17, 2015 at 02:48:51PM +0200, Stephan Mueller wrote:
>
> Do you really think that this is possible? If the DRBG becomes the stdrng, you 
> would imply that those callers (e.g. IPSEC) may suffer from a long block (and 
> with long I mean not just seconds, but minutes).

It's only 49 bytes for every 64K so I think it's reasonable.
The only reason someone would use this is to comply with the
standard and this is what the standard requires so I don't see
how we can do anything else.
 
> Furthermore, I fail to see the difference between the current default stdrng 
> (krng -- which is just get_random_bytes in disguise). Thus, the current 
> situation with the DRBG seeding is not different from the non-DRBG use case.

The difference is that krng doesn't have to satisfy any standard.

Cheers,
-- 
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux