From: "Theodore Ts'o" <tytso@mit.edu>
To: "Ondřej Bílka" <neleai@seznam.cz>
Cc: Stephan Mueller <smueller@chronox.de>,
Andrew Morton <akpm@linux-foundation.org>,
lkml <linux-kernel@vger.kernel.org>,
Jeff Liu <jeff.liu@oracle.com>, Kees Cook <keescook@chromium.org>
Subject: Re: [PATCH] avoid entropy starvation due to stack protection
Date: Sat, 22 Dec 2012 14:29:05 -0500 [thread overview]
Message-ID: <20121222192905.GA12563@thunk.org> (raw)
In-Reply-To: <20121221200735.GB5867@domone>
On Fri, Dec 21, 2012 at 09:07:35PM +0100, Ondřej Bílka wrote:
> I was suggesting in another thread different approach.
>
> Use AES-based cryptographic random number generator as replacement of
> /dev/urandom. Reseeding would get done by changing both aes key and
> data.
>
> This would with hardware support make /dev/urandom much faster than its now.
You can do this in userspace. And in fact, if you need huge numbers
of random session keys, such as in a Kerberos KDC or an IPSEC IKE
daemon, that's what I would recommand (and what most of them do
already).
The original goal and intent for /dev/random was really for long-term
keys where we are trying to leverage randomness available from
hardware, which only the kernel would be able to collect. It was not
intended as a high speed random number generator; the best use of it
is either for the generation of a long-term public key, or other
secret (such as a Kerberos master key), or to seed a cryptographic
random number generator which then operates in userspace.
If you need speed, then by all means, use a cryptographic random
number generator in userspace, or if it's for a monte carlo simulator,
use a good userspace PRNG.
- Ted
next prev parent reply other threads:[~2012-12-22 19:29 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-12-11 12:33 [PATCH] avoid entropy starvation due to stack protection Stephan Mueller
2012-12-12 10:48 ` Stephan Mueller
2012-12-13 0:43 ` Andrew Morton
2012-12-13 7:44 ` Stephan Mueller
2012-12-14 17:36 ` Stephan Mueller
2012-12-16 0:30 ` Theodore Ts'o
2012-12-16 12:46 ` Stephan Müller
2012-12-21 20:07 ` Ondřej Bílka
2012-12-22 19:29 ` Theodore Ts'o [this message]
2012-12-15 19:15 ` Ondřej Bílka
2012-12-15 22:59 ` Stephan Müller
2012-12-21 19:32 ` Ondřej Bílka
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20121222192905.GA12563@thunk.org \
--to=tytso@mit.edu \
--cc=akpm@linux-foundation.org \
--cc=jeff.liu@oracle.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=neleai@seznam.cz \
--cc=smueller@chronox.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).