[148526] in cryptography@c2.net mail archive
Re: [Cryptography] Fwd: [IP] 'We cannot trust' Intel and Via's
daemon@ATHENA.MIT.EDU (ianG)
Thu Dec 19 13:30:41 2013
X-Original-To: cryptography@metzdowd.com
Date: Thu, 19 Dec 2013 20:14:34 +0300
From: ianG <iang@iang.org>
To: cryptography@metzdowd.com, Theodore Ts'o <tytso@mit.edu>
In-Reply-To: <20131219144924.GB4391@thunk.org>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
On 19/12/13 17:49 PM, Theodore Ts'o wrote:
> /*
> * If we have an architectural hardware random number
> + * generator, use it for SHA's initial vector
> */
Nice! If I read it right, this seems to be a good compromise between
those that insist there be no special mixing and those that insist there
be special mixing. In order for the RDRAND opcode to breach this, it
would effectively have to break SHA1. This might be done, but it is unlikely
in the picoseconds available.
iang
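The construction ianG is praising, as an added example (not code from the kernel, from the quoted patch, or from anyone in this thread): a SHA-1 whose initial state the caller can supply, plus an `extract()` that models the quoted comment by letting hardware RNG words stand in for the first words of that state before the pool is hashed. The 32-bit word size, replacing (rather than XORing) the initial-state words, stopping when fewer words are available, and using padded SHA-1 instead of the kernel's raw transform are assumptions here, not details from the page.

```python
import hashlib
import struct

# Standard SHA-1 initial state H0..H4 (FIPS 180-4).
SHA1_IV = (0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0)

def _rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & 0xFFFFFFFF

def sha1_with_iv(data, iv=SHA1_IV):
    """Full SHA-1 over `data`, starting from a caller-supplied initial state."""
    h = list(iv)
    bit_len = len(data) * 8
    data += b"\x80" + b"\x00" * ((55 - len(data)) % 64) + struct.pack(">Q", bit_len)
    for off in range(0, len(data), 64):
        w = list(struct.unpack(">16I", data[off:off + 64]))
        for t in range(16, 80):
            w.append(_rotl(w[t - 3] ^ w[t - 8] ^ w[t - 14] ^ w[t - 16], 1))
        a, b, c, d, e = h
        for t in range(80):
            if t < 20:   f, k = (b & c) | (~b & d), 0x5A827999
            elif t < 40: f, k = b ^ c ^ d, 0x6ED9EBA1
            elif t < 60: f, k = (b & c) | (b & d) | (c & d), 0x8F1BBCDC
            else:        f, k = b ^ c ^ d, 0xCA62C1D6
            tmp = (_rotl(a, 5) + (f & 0xFFFFFFFF) + e + k + w[t]) & 0xFFFFFFFF
            a, b, c, d, e = tmp, a, _rotl(b, 30), c, d
        h = [(x + y) & 0xFFFFFFFF for x, y in zip(h, (a, b, c, d, e))]
    return struct.pack(">5I", *h)

def extract(pool, hw_words):
    """Model of the quoted comment (assumed details, not the kernel's code):
    words from the hardware RNG replace the leading words of SHA-1's initial
    state, and the entropy pool is then hashed from that state. With no
    hardware words the standard initial state is used unchanged."""
    iv = list(SHA1_IV)
    for i, v in enumerate(hw_words[:len(iv)]):
        iv[i] = v & 0xFFFFFFFF
    return sha1_with_iv(pool, tuple(iv))

def matches_hashlib(data):
    """True when the default-state path reproduces standard SHA-1."""
    return sha1_with_iv(data) == hashlib.sha1(data).digest()
```

The hashlib comparison confirms that the unmodified initial state is ordinary SHA-1; with hostile or all-zero hardware words the digest still depends on the pool contents, which is the point ianG makes: controlling RDRAND alone leaves SHA-1 itself to be broken.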
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography