Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1762128AbcLPWTC (ORCPT ); Fri, 16 Dec 2016 17:19:02 -0500 Received: from frisell.zx2c4.com ([192.95.5.64]:45442 "EHLO frisell.zx2c4.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1759964AbcLPWSx (ORCPT ); Fri, 16 Dec 2016 17:18:53 -0500 MIME-Version: 1.0 In-Reply-To: <20161216221352.26899.qmail@ns.sciencehorizons.net> References: <20161216204358.nlwifgcqnu6pitxs@thunk.org> <20161216221352.26899.qmail@ns.sciencehorizons.net> From: "Jason A. Donenfeld" Date: Fri, 16 Dec 2016 23:18:48 +0100 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v5 1/4] siphash: add cryptographically secure PRF To: George Spelvin Cc: "Theodore Ts'o" , Andi Kleen , David Miller , David Laight , "Daniel J . Bernstein" , Eric Biggers , Hannes Frederic Sowa , Jean-Philippe Aumasson , kernel-hardening@lists.openwall.com, Linux Crypto Mailing List , LKML , Andy Lutomirski , Netdev , Tom Herbert , Linus Torvalds , Vegard Nossum Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 470 Lines: 9 On Fri, Dec 16, 2016 at 11:13 PM, George Spelvin wrote: > Remembering that on "real" machines it's full SipHash, then I'd say that > 64-bit security + rekeying seems reasonable. 64-bit security for an RNG is not reasonable even with rekeying. No no no. Considering we already have a massive speed-up here with the secure version, there's zero reason to start weakening the security because we're trigger happy with our benchmarks. No no no.