Date: Thu, 15 Dec 2016 03:15:55 -0500 From: Daniel Micay <danielmicay@...il.com> To: kernel-hardening@...ts.openwall.com, "Jason A. Donenfeld" <Jason@...c4.com> Cc: hannes@...essinduktion.org, netdev@...r.kernel.org, linux-kernel@...r.kernel.org, linux-crypto@...r.kernel.org, jeanphilippe.aumasson@...il.com, djb@...yp.to, torvalds@...ux-foundation.org, ebiggers3@...il.com Subject: Re: Re: [PATCH v2 1/4] siphash: add cryptographically secure hashtable function On Thu, 2016-12-15 at 15:57 +0800, Herbert Xu wrote: > Jason A. Donenfeld <Jason@...c4.com> wrote: > > > > Siphash needs a random secret key, yes. The point is that the hash > > function remains secure so long as the secret key is kept secret. > > Other functions can't make the same guarantee, and so nervous > > periodic > > key rotation is necessary, but in most cases nothing is done, and so > > things just leak over time. > > Actually those users that use rhashtable now have a much more > sophisticated defence against these attacks, dyanmic rehashing > when bucket length exceeds a preset limit. > > Cheers, Key independent collisions won't be mitigated by picking a new secret. A simple solution with clear security properties is ideal. Download attachment "signature.asc" of type "application/pgp-signature" (867 bytes)
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.