From: Theodore Ts'o <tytso@mit.edu>
To: Stephan Mueller <smueller@chronox.de>
Cc: Sandy Harris <sandyinchina@gmail.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
linux-crypto@vger.kernel.org, LKML <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH] random: add random_initialized command line param
Date: Wed, 20 May 2015 11:06:42 -0400 [thread overview]
Message-ID: <20150520150642.GJ2871@thunk.org> (raw)
In-Reply-To: <3005024.K2tYVGR0qE@tauon>
On Wed, May 20, 2015 at 08:29:19AM +0200, Stephan Mueller wrote:
>
> But I see that such a change may not be warranted at this
> point. Though, I see that discussion may rise again in the future
> when such new requirements for 256 bit keys (not only AES, thanks
> Sandy for mentioning :-) ) are commonly raised.
Given that you would need a 15,360-bit RSA key to have a key strength
equivalent to a 256-bit key (and a 3072-bit RSA key is equivalent to
128-bit symmetric keys, and there are plenty of people still using
2048-bit keys), permit me to be a little skeptical about the value of
256 bit keys for anything other than marketing value...
If you trust ECC, you'd "only" need a 7,680 bit ECC key. But the ECC
curves under discussion today are (at least) an order of magnitude
smaller.
And if it's just to make gullible rubes feel safer, I don't see the
real point of non-blocking random pool threshold larger than the
safety of the whole system is constrainted by public key crypto.
> So, let us disregard the patch until hard requirements are coming up.
Sounds like a fine idea to me.
- Ted
next prev parent reply other threads:[~2015-05-20 15:06 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-05-18 16:25 [PATCH] random: add random_initialized command line param Stephan Mueller
2015-05-18 18:42 ` Theodore Ts'o
2015-05-18 19:16 ` Stephan Mueller
2015-05-18 22:58 ` Herbert Xu
2015-05-19 22:40 ` Sandy Harris
2015-05-20 6:29 ` Stephan Mueller
2015-05-20 15:06 ` Theodore Ts'o [this message]
2015-05-20 16:18 ` Stephan Mueller
2015-06-23 20:44 ` Pavel Machek
2015-06-23 21:47 ` Stephan Mueller
2015-06-24 8:45 ` Pavel Machek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150520150642.GJ2871@thunk.org \
--to=tytso@mit.edu \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=sandyinchina@gmail.com \
--cc=smueller@chronox.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).