From: Theodore Ts'o <tytso@mit.edu>
To: Stephan Mueller <smueller@chronox.de>
Cc: Herbert Xu <herbert@gondor.apana.org.au>,
Linux Kernel Developers List <linux-kernel@vger.kernel.org>,
linux-crypto@vger.kernel.org, andi@firstfloor.org,
sandyinchina@gmail.com, jsd@av8n.com, hpa@zytor.com
Subject: Re: [PATCH 5/7] random: replace non-blocking pool with a Chacha20-based CRNG
Date: Mon, 20 Jun 2016 19:48:19 -0400 [thread overview]
Message-ID: <20160620234819.GF9848@thunk.org> (raw)
In-Reply-To: <2101992.L9gKN5cFdv@tauon.atsec.com>
On Mon, Jun 20, 2016 at 05:49:17PM +0200, Stephan Mueller wrote:
>
> Is speed everything we should care about? What about:
>
> - offloading of crypto operation from the CPU
In practice CPU offland is not helpful, and in fact, in most cases is
harmful, when one is only encrypting a tiny amount of data. That's
because the cost of setup and teardown, not to mention key scheduling,
dominate. This is less of the case in the case of the SIMD / AVX
optimizations --- but that's because these are CPU instructions, and
there really isn't any CPU offloading going on.
> - potentially additional security features a hardware cipher may provide like
> cache coloring attack resistance?
Um.... have you even taken a *look* at how ChaCha20 is implemented?
*What* cache coloring attack is possible at all, period?
Hint: where are the lookup tables? Where are the data-dependent
memory accesses in the ChaCha20 core?
- Ted
next prev parent reply other threads:[~2016-06-20 23:48 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-06-13 15:48 [PATCH-v4 0/7] random: replace urandom pool with a CRNG Theodore Ts'o
2016-06-13 15:48 ` [PATCH 1/7] random: initialize the non-blocking pool via add_hwgenerator_randomness() Theodore Ts'o
2016-06-13 15:48 ` [PATCH 2/7] random: print a warning for the first ten uninitialized random users Theodore Ts'o
2016-06-13 15:48 ` [PATCH 3/7] random: add interrupt callback to VMBus IRQ handler Theodore Ts'o
2016-06-13 15:48 ` [PATCH 4/7] random: properly align get_random_int_hash Theodore Ts'o
2016-06-13 15:48 ` [PATCH 5/7] random: replace non-blocking pool with a Chacha20-based CRNG Theodore Ts'o
2016-06-13 18:00 ` Stephan Mueller
2016-06-13 19:03 ` Theodore Ts'o
2016-06-15 14:59 ` Herbert Xu
2016-06-19 23:18 ` Theodore Ts'o
2016-06-20 1:25 ` Herbert Xu
2016-06-20 5:02 ` Theodore Ts'o
2016-06-20 5:19 ` Herbert Xu
2016-06-20 15:01 ` Theodore Ts'o
2016-06-20 15:49 ` Stephan Mueller
2016-06-20 18:52 ` H. Peter Anvin
2016-06-20 23:48 ` Theodore Ts'o [this message]
2016-06-26 18:47 ` Pavel Machek
2016-06-26 19:10 ` Stephan Mueller
2016-06-26 22:51 ` Theodore Ts'o
2016-06-13 15:48 ` [PATCH 6/7] random: make /dev/urandom scalable for silly userspace programs Theodore Ts'o
2016-08-21 9:53 ` Jan Varho
2016-08-21 11:36 ` Theodore Ts'o
2016-06-13 15:48 ` [PATCH 7/7] random: add backtracking protection to the CRNG Theodore Ts'o
2016-06-26 18:47 ` Pavel Machek
2016-06-26 23:05 ` Theodore Ts'o
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160620234819.GF9848@thunk.org \
--to=tytso@mit.edu \
--cc=andi@firstfloor.org \
--cc=herbert@gondor.apana.org.au \
--cc=hpa@zytor.com \
--cc=jsd@av8n.com \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=sandyinchina@gmail.com \
--cc=smueller@chronox.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.