Re: [RFC][PATCH] Make cryptoapi non-optional?

From: David Wagner
Date: Thu Aug 21 2003 - 23:34:27 EST

Next message: Yaoping Ruan: "kernel hangs up running web server"
Previous message: Charles Lepple: "Re: "ctrl+c" disabled!"
In reply to: Jamie Lokier: "Re: [RFC][PATCH] Make cryptoapi non-optional?"
Next in thread: Matt Mackall: "Re: [RFC][PATCH] Make cryptoapi non-optional?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

David Lang wrote:
>On Mon, 18 Aug 2003, Andreas Dilger wrote:
>> It wasn't even vanishingly small... We had a problem in our code where
>> two readers got the same 64-bit value calling get_random_bytes(), and
>> we were depending on this 64-bit value being unique. This problem was
>> fixed by putting a spinlock around the call to get_random_bytes().
>
>if the number is truely random then there should be a (small but finite)
>chance that any two reads will return the same data. counting on a random
>number to be unique is not a good idea.

Have you ever worked out how small a number 2^-64 is?
You might be surprised. For most practical purposes, 2^-64 is
effectively zero.

If you see a 64-bit values repeat twice in a row when querying a
cryptographic pseudorandom generator, the crypto-PRNG is almost surely
broken.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Yaoping Ruan: "kernel hangs up running web server"
Previous message: Charles Lepple: "Re: "ctrl+c" disabled!"
In reply to: Jamie Lokier: "Re: [RFC][PATCH] Make cryptoapi non-optional?"
Next in thread: Matt Mackall: "Re: [RFC][PATCH] Make cryptoapi non-optional?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]