[Cryptography] Fwd: [IP] 'We cannot trust' Intel and Via's chip-based crypto, FreeBSD developers say

ianG iang at iang.org
Thu Dec 19 12:14:34 EST 2013


On 19/12/13 17:49 PM, Theodore Ts'o wrote:
>   	/*
>   	 * If we have an architectural hardware random number
> +	 * generator, use it for SHA's initial vector
>   	 */
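Review bot: the excerpt quotes only the comment, not the code that fetches the hardware value and installs it as the initial state, so neither the behaviour the comment promises nor the fallback when no architectural generator is present can be checked from this hunk. The wording is also vaguer than it needs to be: "SHA" does not say which hash, and "initial vector" does not say that the pool is still hashed afterwards. Suggest naming the function and the order of operations, e.g. `* generator, seed SHA-1's chaining state from it before hashing the pool` (the discussion around the patch refers to SHA1), and, if the fallback is the fixed IV, say so in the same comment.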


Nice!  If I read it right, this seems to be a good compromise between 
those who insist there be no special mixing and those who insist there 
be special mixing.  In order for the RDRAND opcode to breach this, it 
would effectively have to break SHA1.  This might be done, but it is 
unlikely in the picoseconds available.



iang
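The scheme the quoted comment describes, as an added example in Python; this is not code from the kernel or from anyone in the thread. It runs a textbook SHA-1 compression over the pool, starting the chaining state from five hardware-RNG words when they are available and from the fixed IV otherwise, and then compares the output under an honest generator, under a generator that always returns zero, and with no generator at all. The pool contents and both generators' outputs are constructed sample data; the kernel's real pool layout and its output folding are assumptions left out here.

```python
import struct

# Standard SHA-1 initial chaining values (FIPS 180-4).
SHA1_IV = (0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0)
MASK32 = 0xFFFFFFFF


def _rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & MASK32


def sha1_compress(state, block):
    """One SHA-1 compression of a 64-byte block into a 5-word chaining state."""
    w = list(struct.unpack(">16I", block))
    for i in range(16, 80):
        w.append(_rotl(w[i - 3] ^ w[i - 8] ^ w[i - 14] ^ w[i - 16], 1))
    a, b, c, d, e = state
    for i in range(80):
        if i < 20:
            f, k = (b & c) | (~b & d), 0x5A827999
        elif i < 40:
            f, k = b ^ c ^ d, 0x6ED9EBA1
        elif i < 60:
            f, k = (b & c) | (b & d) | (c & d), 0x8F1BBCDC
        else:
            f, k = b ^ c ^ d, 0xCA62C1D6
        t = (_rotl(a, 5) + (f & MASK32) + e + k + w[i]) & MASK32
        a, b, c, d, e = t, a, _rotl(b, 30), c, d
    return [(s + v) & MASK32 for s, v in zip(state, (a, b, c, d, e))]


def sha1_standard(data):
    """Ordinary SHA-1 (with padding) on the same compression function, kept
    so the IV-override below can be checked against a known digest."""
    padded = (data + b"\x80" + b"\x00" * ((55 - len(data)) % 64)
              + struct.pack(">Q", 8 * len(data)))
    state = list(SHA1_IV)
    for off in range(0, len(padded), 64):
        state = sha1_compress(state, padded[off:off + 64])
    return struct.pack(">5I", *state)


def extract_from_pool(pool, hw_words=None):
    """Hash the entropy pool with SHA-1, starting the chaining state from five
    hardware-RNG words when they are given and from the fixed IV otherwise.
    The pool is fed as raw 64-byte blocks with no message padding (an
    assumption of this example); the hardware contribution enters only as IV."""
    if len(pool) % 64:
        raise ValueError("pool must be a whole number of 64-byte blocks")
    state = list(SHA1_IV) if hw_words is None else [w & MASK32 for w in hw_words]
    if len(state) != 5:
        raise ValueError("hardware seed must supply exactly five 32-bit words")
    for off in range(0, len(pool), 64):
        state = sha1_compress(state, pool[off:off + 64])
    return struct.pack(">5I", *state)


# Constructed sample data (assumptions, not real pool contents or RDRAND output).
POOL_A = bytes(range(64))
POOL_B = POOL_A[:-1] + b"\x00"            # differs from POOL_A in one byte
HONEST_HW = (0x11111111, 0x22222222, 0x33333333, 0x44444444, 0x55555555)
HOSTILE_HW = (0, 0, 0, 0, 0)              # a generator that always returns zero


def demo():
    """Outputs under an honest and under a degenerate hardware generator.
    Even a fully attacker-chosen IV leaves the output dependent on the pool;
    steering the output to a chosen value would mean inverting SHA-1 for that pool."""
    return {
        "honest_a": extract_from_pool(POOL_A, HONEST_HW).hex(),
        "hostile_a": extract_from_pool(POOL_A, HOSTILE_HW).hex(),
        "hostile_b": extract_from_pool(POOL_B, HOSTILE_HW).hex(),
        "no_hw_a": extract_from_pool(POOL_A).hex(),
    }


if __name__ == "__main__":
    for name, digest in demo().items():
        print(f"{name:10s} {digest}")
```

With the generator returning all zeros, the two pools that differ in a single byte still produce unrelated digests, which is the property the reply relies on: the hardware generator can only choose where the hash starts, not what it ends on.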

