author Matt Mackall <mpm@selenic.com> 2008-04-29 01:03:00 -0700
committer Linus Torvalds <torvalds@linux-foundation.org> 2008-04-29 08:06:24 -0700
commit 1c0ad3d492adf670e47bf0a3d65c6ba5cdee0114 (patch)
tree b043456b0ddb74dfbff51efa57170a9c38eac729 /README
parent ffd8d3fa5813430fe3926fe950fde23630f6b1a0 (diff)
random: make backtracking attacks harder

At each extraction, we change (poolbits / 16) + 32 bits in the pool, or 96 bits in the case of the secondary pools. Thus, a brute-force backtracking attack on the pool state is less difficult than breaking the hash. In certain cases, this difficulty may be reduced to 2^64 iterations.

Instead, hash the entire pool in one go, then feed back the whole hash (160 bits) in one go. This will make backtracking at least as hard as inverting the hash.

Signed-off-by: Matt Mackall <mpm@selenic.com>
Cc: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Diffstat (limited to 'README')
0 files changed, 0 insertions, 0 deletions
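
The argument in the commit message, as an added toy model (not code from this commit or from the kernel): when an extraction alters only a few pool bits, someone holding the later pool state has only those bits to guess in order to list the earlier states, whatever the pool size. Assumptions: SHA-1 stands in for the 160-bit hash, a plain XOR into the head of the pool stands in for the kernel's mixing function, the feedback width is shrunk to 16 bits so the search finishes instantly, and all function names are hypothetical.

```python
import hashlib
from itertools import product

def old_changed_bits(poolbits):
    """Bits altered per extraction before this commit, per its message."""
    return poolbits // 16 + 32

def extract(pool, fb):
    """Toy extraction (not the kernel's mixing function): hash the whole
    pool, then XOR the first fb digest bytes into the head of the pool.
    Returns (new_pool, output)."""
    digest = hashlib.sha1(pool).digest()
    head = bytes(p ^ d for p, d in zip(pool[:fb], digest[:fb]))
    return head + pool[fb:], hashlib.sha1(digest).digest()[:10]

def backtrack_candidates(new_pool, fb):
    """Given a captured pool state, list every previous state consistent
    with it. Only the fb fed-back bytes are unknown, so the search costs
    256**fb hash calls regardless of the pool size."""
    tail = new_pool[fb:]
    found = []
    for guess in product(range(256), repeat=fb):
        candidate = bytes(guess) + tail
        if extract(candidate, fb)[0] == new_pool:
            found.append(candidate)
    return found, 256 ** fb

if __name__ == "__main__":
    pool = bytes(range(64))            # constructed 512-bit sample pool
    after, output = extract(pool, 2)   # 16 bits of feedback (toy width)
    found, work = backtrack_candidates(after, 2)
    print("hash calls:", work, "candidates:", len(found),
          "true previous state among them:", pool in found)
    # 96 = poolbits / 16 + 32 gives poolbits = 1024 for the secondary pools.
    print("old scheme, 1024-bit pool:", old_changed_bits(1024), "bits changed")
    print("new scheme feeds back 160 bits, the full SHA-1 width")
```

The search cost depends only on the feedback width, which is why feeding back all 160 bits raises it to the cost of inverting the hash itself.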