Date: Mon, 19 Dec 2016 17:19:16 +0000
From: Jean-Philippe Aumasson <jeanphilippe.aumasson@...il.com>
To: "Jason A. Donenfeld" <Jason@...c4.com>, noloader@...il.com
Cc: Netdev <netdev@...r.kernel.org>, kernel-hardening@...ts.openwall.com, LKML <linux-kernel@...r.kernel.org>, Linux Crypto Mailing List <linux-crypto@...r.kernel.org>, David Laight <David.Laight@...lab.com>, Ted Tso <tytso@....edu>, Hannes Frederic Sowa <hannes@...essinduktion.org>, Linus Torvalds <torvalds@...ux-foundation.org>, Eric Biggers <ebiggers3@...il.com>, Tom Herbert <tom@...bertland.com>, George Spelvin <linux@...encehorizons.net>, Vegard Nossum <vegard.nossum@...il.com>, Andi Kleen <ak@...ux.intel.com>, David Miller <davem@...emloft.net>, Andy Lutomirski <luto@...capital.net>, "Daniel J . Bernstein" <djb@...yp.to>
Subject: Re: [PATCH v5 1/4] siphash: add cryptographically secure PRF

Yeah you can use the PRF properties to build a DRBG, but that may not be
optimal in terms of performance.

On Mon, 19 Dec 2016 at 18:08, Jason A. Donenfeld <Jason@...c4.com> wrote:
> On Sat, Dec 17, 2016 at 3:55 PM, Jeffrey Walton <noloader@...il.com> wrote:
> > It may be prudent to include the endian reversal in the test to ensure
> > big endian machines produce expected results. Some closely related
> > testing on an old Apple PowerMac G5 revealed that result needed to be
> > reversed before returning it to a caller.
>
> The function returns a u64. Originally I had it returning a
> __le64, but that was considered unnecessary by many prior reviewers on
> the list. It returns an integer. If you want uniform bytes out of it,
> then use the endian conversion function, the same as you would do with
> any other type of integer.
>
> Additionally, this function is *not* meant for af_alg or any of the
> crypto/* code. It's very unlikely to find a use there.
>
> > Forgive my ignorance... I did not find reading on using the primitive
> > in a PRNG. Does anyone know what Aumasson or Bernstein have to say?
> > Aumasson's site does not seem to discuss the use case:
>
> He's on this thread so I suppose he can speak up for himself. But in
> my conversations with him, the primary take-away was, "seems okay to
> me!". But please -- JP - correct me if I've misinterpreted.
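The integer-versus-bytes point in the quoted reply, as an added example that is not part of this thread or of the kernel patch under review: a reference SipHash-2-4 in C that returns a plain `uint64_t`, plus an explicit little-endian serialization step, so that the same bytes come out on big- and little-endian hosts without any byte swap inside the hash itself. The self-test checks the result against the published SipHash-2-4 test vectors (key bytes 00..0f, message bytes 0, 1, 2, ...). The small counter-mode generator at the end illustrates the "PRF properties to build a DRBG" remark; that construction and all function names here (`siphash24`, `u64_to_le_bytes`, `siphash_ctr_fill`, `siphash_selftest`) are assumptions made for this illustration, not the kernel's API or design.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define ROTL64(x, b) (uint64_t)(((x) << (b)) | ((x) >> (64 - (b))))

/* Read 8 bytes as a little-endian u64, independent of host byte order. */
static uint64_t le64_load(const uint8_t *p)
{
    uint64_t v = 0;
    for (int i = 7; i >= 0; i--)
        v = (v << 8) | p[i];
    return v;
}

/* Serialize a u64 as 8 little-endian bytes, independent of host byte order.
 * This is the "endian conversion function" step: the hash returns an
 * integer; callers wanting uniform bytes convert it explicitly. */
void u64_to_le_bytes(uint64_t v, uint8_t out[8])
{
    for (int i = 0; i < 8; i++) {
        out[i] = (uint8_t)(v & 0xff);
        v >>= 8;
    }
}

/* One SipHash round (ARX mixing of the four state words). */
#define SIPROUND                                                            \
    do {                                                                    \
        v0 += v1; v1 = ROTL64(v1, 13); v1 ^= v0; v0 = ROTL64(v0, 32);       \
        v2 += v3; v3 = ROTL64(v3, 16); v3 ^= v2;                            \
        v0 += v3; v3 = ROTL64(v3, 21); v3 ^= v0;                            \
        v2 += v1; v1 = ROTL64(v1, 17); v1 ^= v2; v2 = ROTL64(v2, 32);       \
    } while (0)

/* SipHash-2-4: 128-bit key, arbitrary-length message, 64-bit integer out. */
uint64_t siphash24(const uint8_t key[16], const uint8_t *in, size_t inlen)
{
    uint64_t k0 = le64_load(key), k1 = le64_load(key + 8);
    uint64_t v0 = 0x736f6d6570736575ULL ^ k0;   /* "somepseu" */
    uint64_t v1 = 0x646f72616e646f6dULL ^ k1;   /* "dorandom" */
    uint64_t v2 = 0x6c7967656e657261ULL ^ k0;   /* "lygenera" */
    uint64_t v3 = 0x7465646279746573ULL ^ k1;   /* "tedbytes" */
    size_t i;

    /* Compress full 8-byte blocks, each read as little-endian. */
    for (i = 0; i + 8 <= inlen; i += 8) {
        uint64_t m = le64_load(in + i);
        v3 ^= m;
        SIPROUND; SIPROUND;
        v0 ^= m;
    }
    /* Final block: remaining bytes, with the length in the top byte. */
    uint64_t b = (uint64_t)inlen << 56;
    for (size_t j = 0; i + j < inlen; j++)
        b |= (uint64_t)in[i + j] << (8 * j);
    v3 ^= b;
    SIPROUND; SIPROUND;
    v0 ^= b;
    v2 ^= 0xff;                                 /* finalization */
    SIPROUND; SIPROUND; SIPROUND; SIPROUND;
    return v0 ^ v1 ^ v2 ^ v3;
}

/* Illustrative PRF-in-counter-mode byte stream (assumption for illustration,
 * not the kernel's design): output block n is SipHash(key, LE64(n)). */
void siphash_ctr_fill(const uint8_t key[16], uint64_t counter,
                      uint8_t *out, size_t len)
{
    uint8_t ctr_bytes[8], block[8];
    size_t done = 0;
    while (done < len) {
        u64_to_le_bytes(counter++, ctr_bytes);
        u64_to_le_bytes(siphash24(key, ctr_bytes, 8), block);
        size_t n = (len - done < 8) ? len - done : 8;
        memcpy(out + done, block, n);
        done += n;
    }
}

/* Check against the published SipHash-2-4 vectors: key 00..0f, msg 0,1,2,...
 * Returns 1 on success, 0 on the first mismatch. */
int siphash_selftest(void)
{
    uint8_t key[16], msg[8], bytes[8], stream[8], ctr0[8];
    for (int i = 0; i < 16; i++) key[i] = (uint8_t)i;
    for (int i = 0; i < 8; i++) msg[i] = (uint8_t)i;

    if (siphash24(key, msg, 0) != 0x726fdb47dd0e0e31ULL) return 0;
    if (siphash24(key, msg, 1) != 0x74f839c593dc67fdULL) return 0;
    if (siphash24(key, msg, 2) != 0x0d6c8009d9a94f5aULL) return 0;

    /* Same integer serialized explicitly: first byte is 0x31 on any host. */
    u64_to_le_bytes(siphash24(key, msg, 0), bytes);
    if (bytes[0] != 0x31 || bytes[7] != 0x72) return 0;

    /* Counter-mode stream block 0 equals SipHash over LE64(0). */
    siphash_ctr_fill(key, 0, stream, 8);
    memset(ctr0, 0, 8);
    u64_to_le_bytes(siphash24(key, ctr0, 8), bytes);
    return memcmp(stream, bytes, 8) == 0;
}

int main(void)
{
    printf("siphash selftest: %s\n", siphash_selftest() ? "ok" : "FAIL");
    return siphash_selftest() ? 0 : 1;
}
```

The byte-order handling lives only in `le64_load` and `u64_to_le_bytes`; the hash core works on integers, which is why a big-endian host gets the same `uint64_t` and the caller chooses whether to serialize it.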