Peter Zijlstra wrote:
On Mon, 2011-09-12 at 09:56 -0400, Jarod Wilson wrote:
Thomas Gleixner wrote:
Well, there is enough proof out there that the hardware you're using
is a perfect random number generator by itself.
So stop complaining about not having access to TPM chips if you can create
On Mon, 2011-09-12 at 09:56 -0400, Jarod Wilson wrote:
> Thomas Gleixner wrote:
> > Well, there is enough proof out there that the hardware you're using
> > is a perfect random number generator by itself.
> >
> > So stop complaining about not having access to TPM chips if you can
> > create an ent
valdis.kletni...@vt.edu wrote:
On Mon, 12 Sep 2011 09:55:15 EDT, Jarod Wilson said:
Well, previously, we were looking at simply improving random entropy
contributions, but quoting Matt Mackall from here:
http://www.mail-archive.com/linux-crypto@vger.kernel.org/msg05799.html
'I recommend you d
On Mon, Sep 12, 2011 at 10:02:43AM -0400, Jarod Wilson wrote:
> Ted Ts'o wrote:
> >Yeah, but there are userspace programs that depend on urandom not
> >blocking... so your proposed change would break them.
> I'm already consigned to the fact this isn't going to fly, but I'm
> still curious to kno
On Mon, 12 Sep 2011 09:55:15 EDT, Jarod Wilson said:
> Well, previously, we were looking at simply improving random entropy
> contributions, but quoting Matt Mackall from here:
>
> http://www.mail-archive.com/linux-crypto@vger.kernel.org/msg05799.html
>
> 'I recommend you do some Google searche
On Mon, Sep 12, 2011 at 10:02:43AM -0400, Jarod Wilson wrote:
> Ted Ts'o wrote:
> >On Wed, Sep 07, 2011 at 02:26:35PM -0400, Jarod Wilson wrote:
> >>We're looking for a generic solution here that doesn't require
> >>re-educating every single piece of userspace. And anything done in
> >>userspace is
Ted Ts'o wrote:
On Wed, Sep 07, 2011 at 02:26:35PM -0400, Jarod Wilson wrote:
We're looking for a generic solution here that doesn't require
re-educating every single piece of userspace. And anything done in
userspace is going to be full of possible holes -- there needs to be
something in place
Thomas Gleixner wrote:
On Fri, 9 Sep 2011, Steve Grubb wrote:
But what I was trying to say is that we can't depend on these supplemental
hardware devices like TPM because we don't have access to the proprietary
technical details that would be necessary to supplement the analysis. And
when it c
valdis.kletni...@vt.edu wrote:
On Fri, 09 Sep 2011 10:21:13 +0800, Sandy Harris said:
Barring a complete failure of SHA-1, an enemy who wants to
infer the state from outputs needs astronomically large amounts
of both data and effort.
So let me get this straight - the movie-plot attack we're de
On Fri, 09 Sep 2011 10:21:13 +0800, Sandy Harris said:
> Barring a complete failure of SHA-1, an enemy who wants to
> infer the state from outputs needs astronomically large amounts
> of both data and effort.
So let me get this straight - the movie-plot attack we're defending against is
somebody r
On Fri, 9 Sep 2011, Steve Grubb wrote:
> But what I was trying to say is that we can't depend on these supplemental
> hardware devices like TPM because we don't have access to the proprietary
> technical details that would be necessary to supplement the analysis. And
> when it comes to TPM
>
On Fri, Sep 09, 2011 at 03:08:03PM -0400, Eric Paris wrote:
> On Thu, Sep 8, 2011 at 12:13 PM, David Miller wrote:
> > From: Steve Grubb
>
> >> This patch does not _break_ all existing applications. If a system were
> >> under attack, they might pause momentarily, but they do not break. Pl
On Thu, Sep 8, 2011 at 12:13 PM, David Miller wrote:
> From: Steve Grubb
>> This patch does not _break_ all existing applications. If a system were
>> under attack, they might pause momentarily, but they do not break. Please,
>> try the patch and use a nice large number like 200 and
On Fri, Sep 09, 2011 at 09:04:17AM -0400, Steve Grubb wrote:
> But what I was trying to say is that we can't depend on these supplemental
> hardware devices like TPM because we don't have access to the
> proprietary technical details that would be necessary to supplement
> the analysis. And when it
On Thursday, September 08, 2011 10:21:13 PM Sandy Harris wrote:
> > The system being low on entropy is another problem that should be
> > addressed. For our purposes, we cannot say take it from TPM or RDRND or
> > any plugin board. We have to have the mathematical analysis that goes
> > with it, we
On Thu, Sep 8, 2011 at 9:11 PM, Steve Grubb wrote:
> The system being low on entropy is another problem that should be addressed.
> For our purposes, we cannot say take it from TPM or RDRND or any plugin
> board. We have to have the mathematical analysis that goes with it, we need
> to know w
From: Steve Grubb
Date: Thu, 8 Sep 2011 07:48:27 -0400
> On Thursday, September 08, 2011 04:44:20 AM Christoph Hellwig wrote:
>> On Wed, Sep 07, 2011 at 11:27:12PM +0200, Stephan Mueller wrote:
>> > And exactly that is the concern from organizations like BSI. Their
>> > cryptographer's concern is
On Thu, Sep 08, 2011 at 09:11:12AM -0400, Steve Grubb wrote:
> On Thursday, September 08, 2011 08:52:34 AM Neil Horman wrote:
> > > to disk device - of course only if the device adds entropy into the
> > > primary pool when there are writes on the device.
> >
> > Yes, and that's a problem. We're a
On Thursday, September 08, 2011 08:52:34 AM Neil Horman wrote:
> > to disk device - of course only if the device adds entropy into the
> > primary pool when there are writes on the device.
>
> Yes, and that's a problem. We're assuming in the above case that writes to
> disk generate interrupts whi
On Thu, Sep 08, 2011 at 08:41:57AM +0200, Tomas Mraz wrote:
> On Wed, 2011-09-07 at 19:57 -0400, Neil Horman wrote:
> > On Wed, Sep 07, 2011 at 04:56:49PM -0400, Steve Grubb wrote:
> > > On Wednesday, September 07, 2011 04:37:57 PM Sasha Levin wrote:
> > > > Anyway, it won't happen fast enough to
On Thursday, September 08, 2011 04:44:20 AM Christoph Hellwig wrote:
> On Wed, Sep 07, 2011 at 11:27:12PM +0200, Stephan Mueller wrote:
> > And exactly that is the concern from organizations like BSI. Their
> > cryptographer's concern is that due to the volume of data that you can
> > extract from
On Wed, Sep 07, 2011 at 11:27:12PM +0200, Stephan Mueller wrote:
> And exactly that is the concern from organizations like BSI. Their
> cryptographer's concern is that due to the volume of data that you can
> extract from /dev/urandom, you may find cycles or patterns that increase
> the probability
On Wed, Sep 07, 2011 at 05:18:58PM -0400, Ted Ts'o wrote:
> If this is the basis for the patch, then we should definitely NACK it.
> It sounds like snake oil fear mongering.
You're around long enough to know that Steve and his gang do nothing but
selling snake oil.
On Wed, Sep 07, 2011 at 04:02:24PM -0400, Steve Grubb wrote:
> The only time this kicks in is when a system is under attack. If you have set
> this and the system is running as normal, you will never notice it even there.
So your userspace will break exactly when you least need it and can't
de
On Wed, 2011-09-07 at 17:43 -0400, Steve Grubb wrote:
> On Wednesday, September 07, 2011 05:35:18 PM Jarod Wilson wrote:
> > Another proposal that has been kicked around: a 3rd random chardev,
> > which implements this functionality, leaving urandom unscathed. Some
> > udev magic or a driver para
On Wed, 2011-09-07 at 19:57 -0400, Neil Horman wrote:
> On Wed, Sep 07, 2011 at 04:56:49PM -0400, Steve Grubb wrote:
> > On Wednesday, September 07, 2011 04:37:57 PM Sasha Levin wrote:
> > > Anyway, it won't happen fast enough to actually not block.
> > >
> > > Writing 1TB of urandom into a disk
Jarod Wilson wrote:
> Ted Ts'o wrote:
>> Yeah, but there are userspace programs that depend on urandom not
>> blocking... so your proposed change would break them.
>> ...
> But only if you've set the sysctl to a non-zero value, ...
>
> But again, I want to stress that out of the box, there's ab
On Wed, Sep 07, 2011 at 04:56:49PM -0400, Steve Grubb wrote:
> On Wednesday, September 07, 2011 04:37:57 PM Sasha Levin wrote:
> > On Wed, 2011-09-07 at 16:30 -0400, Steve Grubb wrote:
> > > On Wednesday, September 07, 2011 04:23:13 PM Sasha Levin wrote:
> > > > On Wed, 2011-09-07 at 16:02 -0400, S
On Wed, 7 Sep 2011, Steve Grubb wrote:
> On Wednesday, September 07, 2011 05:35:18 PM Jarod Wilson wrote:
> > Another proposal that has been kicked around: a 3rd random chardev,
> > which implements this functionality, leaving urandom unscathed. Some
> > udev magic or a driver param could move/d
On Wednesday, September 07, 2011 05:35:18 PM Jarod Wilson wrote:
> Another proposal that has been kicked around: a 3rd random chardev,
> which implements this functionality, leaving urandom unscathed. Some
> udev magic or a driver param could move/disable/whatever urandom and put
> this alternat
On Wed, 2011-09-07 at 17:28 -0400, Steve Grubb wrote:
> On Wednesday, September 07, 2011 05:10:27 PM Sasha Levin wrote:
> > > > > > Something similar probably happens for getting junk on disks before
> > > > > > creating an encrypted filesystem on top of them.
> > > > >
> > > > > During system ins
On Wed, Sep 07, 2011 at 11:27:12PM +0200, Stephan Mueller wrote:
>
> And exactly that is the concern from organizations like BSI. Their
> cryptographer's concern is that due to the volume of data that you can
> extract from /dev/urandom, you may find cycles or patterns that increase
> the probabil
Sasha Levin wrote:
On Wed, 2011-09-07 at 16:56 -0400, Steve Grubb wrote:
On Wednesday, September 07, 2011 04:37:57 PM Sasha Levin wrote:
On Wed, 2011-09-07 at 16:30 -0400, Steve Grubb wrote:
On Wednesday, September 07, 2011 04:23:13 PM Sasha Levin wrote:
On Wed, 2011-09-07 at 16:02 -0400, Ste
On Wednesday, September 07, 2011 05:10:27 PM Sasha Levin wrote:
> > > > > Something similar probably happens for getting junk on disks before
> > > > > creating an encrypted filesystem on top of them.
> > > >
> > > > During system install, this sysctl is not likely to be applied.
> > >
> > > It m
On 07.09.2011 23:18:58, +0200, Ted Ts'o wrote:
Hi Ted,
> On Wed, Sep 07, 2011 at 04:02:24PM -0400, Steve Grubb wrote:
>>
>> When a system is under attack, do you really want to be using a PRNG
>> for anything like seeding openssl? Because a PRNG is what urandom
>> degrades into when it's attacked
On 09/07/2011 10:02 PM, Steve Grubb wrote:
When a system is under attack, do you really want to be using a PRNG
for anything like seeding openssl? Because a PRNG is what urandom
degrades into when it's attacked.
Using a PRNG is not a problem. Making sure it is well seeded and no
input from the a
On Wed, Sep 07, 2011 at 04:02:24PM -0400, Steve Grubb wrote:
>
> When a system is under attack, do you really want to be using a PRNG
> for anything like seeding openssl? Because a PRNG is what urandom
> degrades into when it's attacked.
This is not technically true. urandom degrades into a CRNG
On Wed, 2011-09-07 at 16:56 -0400, Steve Grubb wrote:
> On Wednesday, September 07, 2011 04:37:57 PM Sasha Levin wrote:
> > On Wed, 2011-09-07 at 16:30 -0400, Steve Grubb wrote:
> > > On Wednesday, September 07, 2011 04:23:13 PM Sasha Levin wrote:
> > > > On Wed, 2011-09-07 at 16:02 -0400, Steve Gr
On Wednesday, September 07, 2011 04:37:57 PM Sasha Levin wrote:
> On Wed, 2011-09-07 at 16:30 -0400, Steve Grubb wrote:
> > On Wednesday, September 07, 2011 04:23:13 PM Sasha Levin wrote:
> > > On Wed, 2011-09-07 at 16:02 -0400, Steve Grubb wrote:
> > > > On Wednesday, September 07, 2011 03:27:37 P
On Wednesday, September 07, 2011 04:33:05 PM Neil Horman wrote:
> On Wed, Sep 07, 2011 at 04:02:24PM -0400, Steve Grubb wrote:
> > On Wednesday, September 07, 2011 03:27:37 PM Ted Ts'o wrote:
> > > On Wed, Sep 07, 2011 at 02:26:35PM -0400, Jarod Wilson wrote:
> > > > We're looking for a generic sol
On Wed, 2011-09-07 at 16:30 -0400, Steve Grubb wrote:
> On Wednesday, September 07, 2011 04:23:13 PM Sasha Levin wrote:
> > On Wed, 2011-09-07 at 16:02 -0400, Steve Grubb wrote:
> > > On Wednesday, September 07, 2011 03:27:37 PM Ted Ts'o wrote:
> > > > On Wed, Sep 07, 2011 at 02:26:35PM -0400, Jaro
On Wed, Sep 07, 2011 at 04:02:24PM -0400, Steve Grubb wrote:
> On Wednesday, September 07, 2011 03:27:37 PM Ted Ts'o wrote:
> > On Wed, Sep 07, 2011 at 02:26:35PM -0400, Jarod Wilson wrote:
> > > We're looking for a generic solution here that doesn't require
> > > re-educating every single piece of
On Wednesday, September 07, 2011 04:23:13 PM Sasha Levin wrote:
> On Wed, 2011-09-07 at 16:02 -0400, Steve Grubb wrote:
> > On Wednesday, September 07, 2011 03:27:37 PM Ted Ts'o wrote:
> > > On Wed, Sep 07, 2011 at 02:26:35PM -0400, Jarod Wilson wrote:
> > > > We're looking for a generic solution h
On Wed, 2011-09-07 at 16:02 -0400, Steve Grubb wrote:
> On Wednesday, September 07, 2011 03:27:37 PM Ted Ts'o wrote:
> > On Wed, Sep 07, 2011 at 02:26:35PM -0400, Jarod Wilson wrote:
> > > We're looking for a generic solution here that doesn't require
> > > re-educating every single piece of usersp
On Wednesday, September 07, 2011 03:27:37 PM Ted Ts'o wrote:
> On Wed, Sep 07, 2011 at 02:26:35PM -0400, Jarod Wilson wrote:
> > We're looking for a generic solution here that doesn't require
> > re-educating every single piece of userspace. And anything done in
> > userspace is going to be full of
On Wed, 2011-09-07 at 15:30 -0400, Jarod Wilson wrote:
> Sasha Levin wrote:
> > On Wed, 2011-09-07 at 14:26 -0400, Jarod Wilson wrote:
> >> Sasha Levin wrote:
> >> [..] And anything done in
> >> userspace is going to be full of possible holes [..]
> >
> > Such as? Is there an example of a case whic
From: "Ted Ts'o"
Date: Wed, 7 Sep 2011 15:27:37 -0400
> On Wed, Sep 07, 2011 at 02:26:35PM -0400, Jarod Wilson wrote:
>> We're looking for a generic solution here that doesn't require
>> re-educating every single piece of userspace. And anything done in
>> userspace is going to be full of possibl
Ted Ts'o wrote:
On Wed, Sep 07, 2011 at 02:26:35PM -0400, Jarod Wilson wrote:
We're looking for a generic solution here that doesn't require
re-educating every single piece of userspace. And anything done in
userspace is going to be full of possible holes -- there needs to be
something in place
On Wed, Sep 07, 2011 at 10:05:30PM +0300, Sasha Levin wrote:
> On Wed, 2011-09-07 at 14:26 -0400, Jarod Wilson wrote:
> > Sasha Levin wrote:
> > > On Wed, 2011-09-07 at 13:38 -0400, Jarod Wilson wrote:
> > >> Certain security-related certifications and their respective review
> > >> bodies have sai
Sasha Levin wrote:
On Wed, 2011-09-07 at 14:26 -0400, Jarod Wilson wrote:
Sasha Levin wrote:
On Wed, 2011-09-07 at 13:38 -0400, Jarod Wilson wrote:
Certain security-related certifications and their respective review
bodies have said that they find use of /dev/urandom for certain
functions, suc
On Wed, Sep 07, 2011 at 02:26:35PM -0400, Jarod Wilson wrote:
> We're looking for a generic solution here that doesn't require
> re-educating every single piece of userspace. And anything done in
> userspace is going to be full of possible holes -- there needs to be
> something in place that actual
On Wed, 2011-09-07 at 14:26 -0400, Jarod Wilson wrote:
> Sasha Levin wrote:
> > On Wed, 2011-09-07 at 13:38 -0400, Jarod Wilson wrote:
> >> Certain security-related certifications and their respective review
> >> bodies have said that they find use of /dev/urandom for certain
> >> functions, such a
Sasha Levin wrote:
On Wed, 2011-09-07 at 13:38 -0400, Jarod Wilson wrote:
Certain security-related certifications and their respective review
bodies have said that they find use of /dev/urandom for certain
functions, such as setting up ssh connections, is acceptable, but if and
only if /dev/uran
On Wed, 2011-09-07 at 13:38 -0400, Jarod Wilson wrote:
> Certain security-related certifications and their respective review
> bodies have said that they find use of /dev/urandom for certain
> functions, such as setting up ssh connections, is acceptable, but if and
> only if /dev/urandom can block
Certain security-related certifications and their respective review
bodies have said that they find use of /dev/urandom for certain
functions, such as setting up ssh connections, is acceptable, but if and
only if /dev/urandom can block after a certain threshold of bytes have
been read from it with
On 05.09.2011 04:36:29, +0200, Sandy Harris wrote:
Hi Sandy,
> On Fri, Sep 2, 2011 at 10:37 PM, Jarod Wilson wrote:
>
>> Certain security-related certifications and their respective review
>> bodies have said that they find use of /dev/urandom for certain
>> functions, such as setting up ssh c
On Fri, Sep 2, 2011 at 10:37 PM, Jarod Wilson wrote:
> Certain security-related certifications and their respective review
> bodies have said that they find use of /dev/urandom for certain
> functions, such as setting up ssh connections, is acceptable, but if and
> only if /dev/urandom can block
Certain security-related certifications and their respective review
bodies have said that they find use of /dev/urandom for certain
functions, such as setting up ssh connections, is acceptable, but if and
only if /dev/urandom can block after a certain threshold of bytes have
been read from it with
58 matches