tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: kaslr: better rng

On Mon, Nov 06, 2017 at 06:51:33PM +0100, Maxime Villard wrote:
> > 
> > What is the reason for using only part of the file, in any application?
> I meant to say that the components don't take random values from the same
> area in the file, for them not to use the same random numbers twice.

That doesn't make sense to me.  Do you believe all modern keyed hash
functions are broken?

If not, why not use HMAC with a suitable hash (SHA512 is probably right
for now) and two different fixed keys, over the entire boot time seed
entropy, to derive two different seeds for the two RNGs?

  Thor Lancelot Simon	                           
 "The two most common variations translate as follows:
	illegitimi non carborundum = the unlawful are not silicon carbide
	illegitimis non carborundum = the unlawful don't have silicon carbide."

Home | Main Index | Thread Index | Old Index