tech-kern archive


Re: kaslr: better rng



On Mon, Nov 06, 2017 at 06:51:33PM +0100, Maxime Villard wrote:
> > 
> > What is the reason for using only part of the file, in any application?
> 
> I meant to say that the components don't take random values from the same
> area in the file, for them not to use the same random numbers twice.

That doesn't make sense to me.  Do you believe all modern keyed hash
functions are broken?

If not, why not use HMAC with a suitable hash (SHA512 is probably right
for now) and two different fixed keys, over the entire boot time seed
entropy, to derive two different seeds for the two RNGs?

-- 
  Thor Lancelot Simon	                                     tls%panix.com@localhost
 "The two most common variations translate as follows:
	illegitimi non carborundum = the unlawful are not silicon carbide
	illegitimis non carborundum = the unlawful don't have silicon carbide."
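
The derivation suggested in the message above, as an added example that is not part of the original post and is not NetBSD code: HMAC-SHA512 with two fixed keys over the entire boot-time seed, next to the split-area approach from the quoted text. The key strings, the minimum seed length, the function names and the sample seed files are assumptions made for illustration.

```python
import hashlib
import hmac

# Hypothetical fixed keys, one per consumer; the thread names no values.
KEY_KASLR = b"example kaslr rng seed key v1"
KEY_KERNEL = b"example kernel rng seed key v1"
MIN_SEED_LEN = 32  # assumed lower bound, to reject a truncated seed file


def derive_seed(fixed_key, boot_seed):
    """HMAC-SHA512 keyed by a per-consumer constant, over the whole seed."""
    if len(boot_seed) < MIN_SEED_LEN:
        raise ValueError("boot seed shorter than %d bytes" % MIN_SEED_LEN)
    return hmac.new(fixed_key, boot_seed, hashlib.sha512).digest()


def derive_both(boot_seed):
    """Return (kaslr_seed, kernel_seed), each 64 bytes, from one seed file."""
    return derive_seed(KEY_KASLR, boot_seed), derive_seed(KEY_KERNEL, boot_seed)


def split_areas(boot_seed):
    """The alternative in the quoted text: each consumer reads its own area."""
    mid = len(boot_seed) // 2
    return boot_seed[:mid], boot_seed[mid:]


def constructed_seed(label):
    """Constructed sample file: constant first half, label-dependent second half."""
    return bytes(32) + hashlib.sha256(label).digest()


if __name__ == "__main__":
    a, b = constructed_seed(b"boot A"), constructed_seed(b"boot B")
    # Split areas: the first consumer sees the same bytes on both boots.
    print("split, first area equal:", split_areas(a)[0] == split_areas(b)[0])
    # HMAC over everything: both derived seeds change between boots,
    # and the two consumers never receive the same value.
    (ka, na), (kb, nb) = derive_both(a), derive_both(b)
    print("hmac, kaslr seeds equal:", ka == kb)
    print("hmac, consumers equal:  ", ka == na)
```
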

