Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 6 Jun 2017 19:30:33 +0200
From: "Jason A. Donenfeld" <>
To: Eric Biggers <>
Cc: David Howells <>, "Theodore Ts'o" <>, 
	Linux Crypto Mailing List <>, LKML <>,, 
	Greg Kroah-Hartman <>, David Miller <>, 
	Herbert Xu <>, Stephan Mueller <>
Subject: Re: Re: [PATCH v3 04/13] crypto/rng: ensure that
 the RNG is ready before using

On Tue, Jun 6, 2017 at 7:26 PM, Eric Biggers <> wrote:
> I agree that the use of ECB mode in big_key is broken, and thanks for trying to
> fix it!  I think using GCM is good, but please leave a very conspicuous comment
> where the nonce is being set to 0, noting that it's safe only because a unique
> key is used to encrypt every big_key *and* the big_keys are not updatable (via
> an .update method in the key_type), resulting in each GCM key being used for
> only a single encryption.

Good idea. I'll make a large comment about this.

> Also, I think you should send this to the keyrings mailing list and maintainer
> so it can be discussed and merged separately from your RNG changes.

Yea, that seems like a good idea. I'll separate things out right now.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.