Re: [PATCH 2/2 v2] talitos: Freescale integrated security engine (SEC) driver | |
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] | |
On Fri, May 30, 2008 at 06:58:30PM -0500, Kim Phillips wrote:
>
> + /* get random IV */
> + get_random_bytes(req->giv, crypto_aead_ivsize(authenc));
Sorry but this is unworkable given our current RNG infrastructure.
Draining 16 bytes for every packet is going to make /dev/random
unuseable (if it wasn't already :).
Perhaps just use eseqiv (it should be pretty cheap sinec it just
tacks on an extra block to the encryption) for now until we have
a PRNG?
We'll need to extend eseqiv to support AEAD first though. Perhaps
change it so that it can be called as a library by AEAD algorithms?
Thanks,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
[Home] [Kernel] [Gnu Classpath] [Gnu Crypto] [DM Crypt] [Netfilter] [Bugtraq] [Network Security Reading]