Date: Tue, 30 Nov 1999 11:13:30 +0100
From: Brad Knowles <blk@skynet.be>
To: Dan Moschuk <dan@FreeBSD.ORG>
Cc: Kris Kennaway <kris@hub.freebsd.org>, Dan Moschuk <dan@FreeBSD.ORG>, Bruce Evans <bde@zeta.org.au>, Mike Smith <msmith@FreeBSD.ORG>, audit@FreeBSD.ORG, Warner Losh <imp@village.org>
Subject: Re: cvs commit: src/sys/i386/conf files.i386 src/sys/kern kern_fork.c src/sys/libkern arc4random.c src/sys/sys libkern.h
Message-ID: <v04205503b469524d12f0@[195.238.21.204]>
In-Reply-To: <19991129153639.B2999@spirit.jaded.net>
References: <Pine.BSF.4.21.9911291103500.51314-100000@hub.freebsd.org> <v0420551bb4688f87fb80@[195.238.21.204]> <19991129153639.B2999@spirit.jaded.net>
At 3:36 PM -0500 1999/11/29, Dan Moschuk wrote:

> One of the benefits of using an algorithm designed by a professional
> cryptographer is that the algorithm is bound to be studied extensively, it
> doesn't necessarily have to be from our code base.

That's probably true of the crypto algorithms in question, but as Schneier has repeatedly pointed out, they are only a relatively small part of the overall picture.

It is entirely possible (one might even argue highly likely) that a less well-tested routine (written by programmers of unknown skill levels) based on a set of algorithms chosen by a respected cryptographer might be much, *much*, *MUCH* less secure (when viewed as a whole), than a better tested routine that has withstood attacks over a longer period of time.

If you can restrict yourself to just the crypto part, then you can argue that removing older (and presumably since proven to be less secure) crypto in favour of newer (at least believed to be more secure) algorithms is a good thing. One example of this might be choosing SHA-1 over MD5, since there are certain known weaknesses in some utilizations of MD5, which might point to broader (but not yet discovered) weaknesses, whereas no one has yet been able to find any inherent weaknesses in SHA-1.

However, we very rarely have the luxury of being able to replace *just* the crypto part of one routine with the crypto part of another. Instead, we need to view the whole as a collection of parts that need to be evaluated together, in which the crypto plays a critical but still relatively small part.

-- 
These are my opinions -- not to be taken as official Skynet policy
____________________________________________________________________
|o| Brad Knowles, <blk@skynet.be>                Belgacom Skynet NV/SA |o|
|o| Systems Architect, News & FTP Admin          Rue Col. Bourg, 124   |o|
|o| Phone/Fax: +32-2-706.11.11/12.49             B-1140 Brussels       |o|
|o| http://www.skynet.be                         Belgium               |o|
\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/
  Unix is like a wigwam -- no Gates, no Windows, and an Apache inside.
  Unix is very user-friendly.  It's just picky who its friends are.

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message