From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756732AbZEPPxz (ORCPT ); Sat, 16 May 2009 11:53:55 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1753622AbZEPPxp (ORCPT ); Sat, 16 May 2009 11:53:45 -0400 Received: from smtp-out003.kontent.com ([81.88.40.217]:47307 "EHLO smtp-out003.kontent.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752348AbZEPPxo (ORCPT ); Sat, 16 May 2009 11:53:44 -0400 From: Oliver Neukum To: Linus Torvalds Subject: Re: [Security] [patch] random: make get_random_int() more random Date: Sat, 16 May 2009 17:54:01 +0200 User-Agent: KMail/1.10.3 (Linux/2.6.27.21-0.1-default; KDE/4.1.3; x86_64; ; ) Cc: Willy Tarreau , Ingo Molnar , security@kernel.org, Linux@hera.kernel.org, stable@kernel.org, Cox , Arjan@hera.kernel.org, List , Alan@hera.kernel.org, Eric Paris , Jake Edge , linux-security-module@vger.kernel.org, mingo@redhat.com, "Eric W. Biederman" , Matt Mackall , Dave Jones , James Morris , Andrew Morton , Roland McGrath , de Ven References: <20090505202219.GL31071@waste.org> <20090516135828.GA25283@1wt.eu> In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200905161754.03472.oliver@neukum.org> Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Am Samstag, 16. Mai 2009 17:23:11 schrieb Linus Torvalds: > (That's especially true since whatever we do, the _one_ thing we can never > do is to actually hide what hash we use. We can hide the data, but we > can't hide the code. Others depend on also making it harder to guess > even what the algorithm for the hash itself is). Why can't we implement more than one hash and choose at boot time? Or even change the hash on the fly? That's not as good as a secret algorithm, but the attacker would have to guess which is used. Regards Oliver