From: "Theodore Ts'o" <tytso@mit.edu>
To: "Ondřej Bílka" <neleai@seznam.cz>
Cc: Stephan Mueller <smueller@chronox.de>,
Andrew Morton <akpm@linux-foundation.org>,
lkml <linux-kernel@vger.kernel.org>,
Jeff Liu <jeff.liu@oracle.com>, Kees Cook <keescook@chromium.org>
Subject: Re: [PATCH] avoid entropy starvation due to stack protection
Date: Sat, 22 Dec 2012 14:29:05 -0500
Message-ID: <20121222192905.GA12563@thunk.org>
In-Reply-To: <20121221200735.GB5867@domone>
On Fri, Dec 21, 2012 at 09:07:35PM +0100, Ondřej Bílka wrote:
> I was suggesting in another thread different approach.
>
> Use AES-based cryptographic random number generator as replacement of
> /dev/urandom. Reseeding would get done by changing both aes key and
> data.
>
> This would with hardware support make /dev/urandom much faster than it is now.
You can do this in userspace. And in fact, if you need huge numbers
of random session keys, such as in a Kerberos KDC or an IPSEC IKE
daemon, that's what I would recommend (and what most of them do
already).
The original goal and intent for /dev/random was really for long-term
keys where we are trying to leverage randomness available from
hardware, which only the kernel would be able to collect. It was not
intended as a high speed random number generator; the best use of it
is either for the generation of a long-term public key, or other
secret (such as a Kerberos master key), or to seed a cryptographic
random number generator which then operates in userspace.
If you need speed, then by all means, use a cryptographic random
number generator in userspace, or if it's for a Monte Carlo simulator,
use a good userspace PRNG.
- Ted
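The pattern Ted recommends above, seed once from the kernel and then run a cryptographic generator in userspace, with the periodic rekeying Ondřej describes, as an added example that is not code from this thread, the kernel, or any of the daemons mentioned. It implements HMAC_DRBG from NIST SP 800-90A with SHA-256 instead of an AES-based construction so it needs only the Python standard library; the class and function names, the reseed interval and the `fixed_entropy` stand-in source are assumptions made for the illustration. The seed comes from `os.urandom`, which on Linux uses getrandom(2) and blocks until the kernel pool is initialized, so it plays the role /dev/random has in the discussion.

```python
import hashlib
import hmac
import os

OUTLEN = 32                       # SHA-256 output length in bytes
MAX_BYTES_PER_REQUEST = 1 << 16   # SP 800-90A per-request limit for HMAC_DRBG
MIN_SEED_BYTES = 32               # insist on at least 256 bits of seed material


class HmacDrbg:
    """HMAC_DRBG (NIST SP 800-90A) instantiated with SHA-256.

    Deterministic given its seed: all of its security rests on the seed
    coming from a good entropy source, which is the kernel's job.
    """

    def __init__(self, seed: bytes, personalization: bytes = b""):
        if len(seed) < MIN_SEED_BYTES:
            raise ValueError("seed too short")
        self.key = b"\x00" * OUTLEN
        self.value = b"\x01" * OUTLEN
        self._update(seed + personalization)
        self.reseed_counter = 1

    def _mac(self, data: bytes) -> bytes:
        return hmac.new(self.key, data, hashlib.sha256).digest()

    def _update(self, provided: bytes) -> None:
        # HMAC_DRBG_Update: fold provided data into (key, value)
        self.key = self._mac(self.value + b"\x00" + provided)
        self.value = self._mac(self.value)
        if provided:
            self.key = self._mac(self.value + b"\x01" + provided)
            self.value = self._mac(self.value)

    def reseed(self, entropy: bytes) -> None:
        # Reseeding replaces both the key and the chaining value, so output
        # after this point does not depend on the old state alone.
        if len(entropy) < MIN_SEED_BYTES:
            raise ValueError("reseed entropy too short")
        self._update(entropy)
        self.reseed_counter = 1

    def generate(self, nbytes: int) -> bytes:
        if nbytes > MAX_BYTES_PER_REQUEST:
            raise ValueError("request too large; split it into smaller calls")
        out = bytearray()
        while len(out) < nbytes:
            self.value = self._mac(self.value)
            out += self.value
        self._update(b"")          # advance state: backtracking resistance
        self.reseed_counter += 1
        return bytes(out[:nbytes])


def kernel_entropy(nbytes: int) -> bytes:
    """Seed material from the kernel pool (getrandom(2) on Linux via os.urandom)."""
    return os.urandom(nbytes)


class UserspaceCsprng:
    """Seed from the kernel once, generate in userspace, reseed every N requests."""

    def __init__(self, entropy_source=kernel_entropy, reseed_interval: int = 10_000):
        self.entropy_source = entropy_source
        self.reseed_interval = reseed_interval
        self.drbg = HmacDrbg(entropy_source(48), b"userspace-csprng-example")

    def random_bytes(self, nbytes: int) -> bytes:
        if self.drbg.reseed_counter >= self.reseed_interval:
            self.drbg.reseed(self.entropy_source(32))   # pull fresh kernel entropy
        return self.drbg.generate(nbytes)


def fixed_entropy(nbytes: int) -> bytes:
    """Constructed, NON-random stand-in source: only for showing determinism."""
    return bytes((i * 7 + 3) & 0xFF for i in range(nbytes))


if __name__ == "__main__":
    rng = UserspaceCsprng()
    session_keys = [rng.random_bytes(32) for _ in range(4)]
    print(f"generated {len(session_keys)} session keys, "
          f"reseed_counter={rng.drbg.reseed_counter}")
```

One kernel read of 48 bytes seeds the generator, after which a KDC or IKE daemon can mint session keys without touching /dev/random again; the reseed interval bounds how long the process runs on a single seed, and `fixed_entropy` exists only to make the determinism of the construction visible in a test, never for real use.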
Thread overview: 12+ messages
2012-12-11 12:33 [PATCH] avoid entropy starvation due to stack protection Stephan Mueller
2012-12-12 10:48 ` Stephan Mueller
2012-12-13 0:43 ` Andrew Morton
2012-12-13 7:44 ` Stephan Mueller
2012-12-14 17:36 ` Stephan Mueller
2012-12-16 0:30 ` Theodore Ts'o
2012-12-16 12:46 ` Stephan Müller
2012-12-21 20:07 ` Ondřej Bílka
2012-12-22 19:29 ` Theodore Ts'o [this message]
2012-12-15 19:15 ` Ondřej Bílka
2012-12-15 22:59 ` Stephan Müller
2012-12-21 19:32 ` Ondřej Bílka