Re: arc4random weakness

2017-03-19 Thread Dag-Erling Smørgrav
Konstantin Belousov writes: > Dag-Erling Smørgrav writes: > > Wouldn't it be possible to just set up the page entry but leave it > > unmapped, so that it is paged in (and zeroed if necessary) on first > > access? Thus, a process that uses arc4random() and fork()s would not > > incur a penalty un

Re: arc4random weakness

2017-03-19 Thread Dag-Erling Smørgrav
Andrey Chernov writes: > Theo kindly explained that zeroing whole page instead of single variable > suits to his newest arc4random better, since clears two structs at once > (including ChaCha state), making some form of backward secrecy. Yes, avoiding leaking key material to child processes would
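
The mechanism being argued over in this thread, as an added example that is not FreeBSD's libc code nor any poster's: the PRNG state lives in its own page that the kernel replaces with zeros in the child at fork(), so the child can never emit keystream from the parent's key and reseeds on first use. It assumes a platform with minherit(INHERIT_ZERO) (FreeBSD), MAP_INHERIT_ZERO (OpenBSD) or madvise(MADV_WIPEONFORK) (Linux 4.14+); the struct layout, the 0xA5/0x5A fill bytes standing in for real entropy, and the function names are constructed for the demo.

```c
/* Added example, not FreeBSD's arc4random implementation: keep PRNG state
 * in a page the kernel zeroes in the child at fork(). */
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/mman.h>
#include <sys/wait.h>

/* Stand-in for the arc4random state block (assumed layout). Real code keeps
 * the cipher key/nonce and buffered keystream here; a wiped page reads as
 * seeded == 0, which is what forces the child to reseed. */
struct rng_state {
    uint32_t seeded;   /* 0 after a wipe: first use must reseed */
    uint8_t  key[32];  /* assumed key slot */
    uint64_t counter;
};

static struct rng_state *g_state;

/* Map one page for the state and mark it "zero in the child at fork".
 * Returns 0 on success, -1 on failure. */
static int rng_state_map(void)
{
    long pg = sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, (size_t)pg, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return -1;
#if defined(INHERIT_ZERO)            /* FreeBSD */
    if (minherit(p, (size_t)pg, INHERIT_ZERO) != 0)
        return -1;
#elif defined(MAP_INHERIT_ZERO)      /* OpenBSD */
    if (minherit(p, (size_t)pg, MAP_INHERIT_ZERO) != 0)
        return -1;
#elif defined(MADV_WIPEONFORK)       /* Linux 4.14+ */
    if (madvise(p, (size_t)pg, MADV_WIPEONFORK) != 0)
        return -1;
#else
#error "no wipe-on-fork primitive on this platform"
#endif
    g_state = p;
    return 0;
}

/* Toy reseed: real code reads the kernel entropy source; here a constructed
 * fill byte makes the demo deterministic. */
static void rng_reseed(uint8_t tag)
{
    memset(g_state->key, tag, sizeof g_state->key);
    g_state->counter = 0;
    g_state->seeded = 1;
}

/* Seed in the parent, fork, and report what the child saw.
 * Returns 1 if the child's state page was wiped, 0 if it inherited the
 * parent's key, -1 on error. The parent's state must survive untouched. */
int child_state_was_wiped(void)
{
    if (g_state == NULL && rng_state_map() != 0)
        return -1;
    rng_reseed(0xA5);

    int fds[2];
    if (pipe(fds) != 0)
        return -1;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        uint8_t zero[32] = {0};
        uint8_t wiped = (g_state->seeded == 0 &&
                         memcmp(g_state->key, zero, sizeof zero) == 0);
        if (wiped)
            rng_reseed(0x5A);   /* what the child does on its first call */
        if (write(fds[1], &wiped, 1) != 1)
            _exit(1);
        _exit(0);
    }
    close(fds[1]);
    uint8_t result = 0xFF;
    ssize_t n = read(fds[0], &result, 1);
    close(fds[0]);
    waitpid(pid, NULL, 0);
    if (n != 1 || result > 1)
        return -1;
    /* The child's wipe and reseed must not have leaked back into the parent. */
    if (g_state->seeded != 1 || g_state->key[0] != 0xA5)
        return -1;
    return (int)result;
}

int main(void)
{
    int r = child_state_was_wiped();
    printf("child state wiped at fork: %s\n",
           r == 1 ? "yes" : r == 0 ? "no" : "error");
    return r == 1 ? 0 : 1;
}
```

The child does not receive a copy of the page at all; it gets a fresh anonymous zero-filled mapping, which on these systems materialises on first touch, so a child that never calls into the PRNG never pays for the page. The wipe happens with no userland hook, which is what separates this from a fork()-wrapper that sets a single variable: a direct fork or clone system call that bypasses libc still gets the zeroed page.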

Re: arc4random weakness

2017-03-16 Thread Andrey Chernov
On 16.03.2017 20:24, Xin LI wrote: > On Wed, Mar 15, 2017 at 1:13 PM, Andrey Chernov wrote: >> On 15.03.2017 16:06, Steven Chamberlain wrote: >>> Also it is great to see INHERIT_ZERO was added to mmap(2)! >> >> It is not so great. For a program which forks very often zeroing even >> one page will

Re: arc4random weakness

2017-03-16 Thread Xin LI
On Wed, Mar 15, 2017 at 1:13 PM, Andrey Chernov wrote: > On 15.03.2017 16:06, Steven Chamberlain wrote: >> Also it is great to see INHERIT_ZERO was added to mmap(2)! > > It is not so great. For a program which forks very often zeroing even > one page will be slowdown. It will be better and faster

Re: arc4random weakness

2017-03-16 Thread Konstantin Belousov
On Thu, Mar 16, 2017 at 01:48:45PM +0100, Dag-Erling Smørgrav wrote: > Andrey Chernov writes: > > Steven Chamberlain writes: > > > Also it is great to see INHERIT_ZERO was added to mmap(2)! > > It is not so great. For a program which forks very often zeroing even > > one page will be slowdown. >

Re: arc4random weakness

2017-03-16 Thread Dag-Erling Smørgrav
Andrey Chernov writes: > Steven Chamberlain writes: > > Also it is great to see INHERIT_ZERO was added to mmap(2)! > It is not so great. For a program which forks very often zeroing even > one page will be slowdown. Wouldn't it be possible to just set up the page entry but leave it unmapped, so

Re: arc4random weakness

2017-03-15 Thread Andrey Chernov
On 15.03.2017 16:06, Steven Chamberlain wrote: > Also it is great to see INHERIT_ZERO was added to mmap(2)! It is not so great. For a program which forks very often zeroing even one page will be slowdown. It will be better and faster to implement it as fork syscall wrapper setting single variable,

Re: arc4random weakness

2017-03-15 Thread Steven Chamberlain
Steven Chamberlain wrote: > Please consider switching to ChaCha20 in the long term (kern/182610), > but right now, at least increase the amount of early keystream that is > discarded. Many, many thanks delphij+so for applying the latter change so quickly! Also it is great to see INHERIT_ZERO was

Re: arc4random weakness (was: WikiLeaks CIA Exploits: FreeBSD References Within)

2017-03-13 Thread Dewayne Geraghty
On 14 March 2017 at 09:06, Steven Chamberlain wrote: > From this document (TOP SECRET//SI//NOFORN): > https://wikileaks.org/ciav7p1/cms/files/NOD%20Cryptographic% > 20Requirements%20v1.1%20TOP%20SECRET.pdf > > version 1.0 said: > > | 8. (S//NF) [...] If RC4 is used, at least the first 1024 > | by

Re: arc4random weakness (was: WikiLeaks CIA Exploits: FreeBSD References Within)

2017-03-13 Thread Steven Chamberlain
From this document (TOP SECRET//SI//NOFORN): https://wikileaks.org/ciav7p1/cms/files/NOD%20Cryptographic%20Requirements%20v1.1%20TOP%20SECRET.pdf version 1.0 said: | 8. (S//NF) [...] If RC4 is used, at least the first 1024 | bytes of the cryptostream must be discarded and may not be used and tha
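
The "discard the first N bytes of keystream" requirement quoted in the two messages above, and the "increase the amount of early keystream that is discarded" change thanked for earlier in the thread, as an added example that is not FreeBSD's libc code nor any poster's: a plain RC4 keystream generator with a drop-N step in front of it. The function names are this example's own, and RC4 is written out only so the discard is concrete; dropping early bytes removes the strongest key-dependent biases at the start of the stream but does not make RC4 a sound cipher, which is why the thread asks for ChaCha20.

```c
/* Added example, not FreeBSD's arc4random: RC4 with early-keystream discard. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

struct rc4 {
    uint8_t S[256];
    uint8_t i, j;
};

/* Key schedule (KSA). Key length must be 1..256 bytes. Returns 0 or -1. */
int rc4_init(struct rc4 *st, const uint8_t *key, size_t keylen)
{
    if (keylen == 0 || keylen > 256)
        return -1;
    for (int k = 0; k < 256; k++)
        st->S[k] = (uint8_t)k;
    uint8_t j = 0;
    for (int k = 0; k < 256; k++) {
        j = (uint8_t)(j + st->S[k] + key[k % keylen]);
        uint8_t t = st->S[k]; st->S[k] = st->S[j]; st->S[j] = t;
    }
    st->i = st->j = 0;
    return 0;
}

/* One keystream byte (PRGA). */
uint8_t rc4_next(struct rc4 *st)
{
    st->i = (uint8_t)(st->i + 1);
    st->j = (uint8_t)(st->j + st->S[st->i]);
    uint8_t t = st->S[st->i]; st->S[st->i] = st->S[st->j]; st->S[st->j] = t;
    return st->S[(uint8_t)(st->S[st->i] + st->S[st->j])];
}

/* Fill `out` with `n` raw keystream bytes (used to show what drop skips). */
void rc4_keystream(struct rc4 *st, uint8_t *out, size_t n)
{
    for (size_t k = 0; k < n; k++)
        out[k] = rc4_next(st);
}

/* The mitigation: throw away the first `n` keystream bytes after keying.
 * The quoted requirement sets 1024 as the floor; the thread's change to
 * FreeBSD raised arc4random's own discard count. */
void rc4_drop(struct rc4 *st, size_t n)
{
    while (n-- > 0)
        (void)rc4_next(st);
}

/* XOR `len` bytes of `in` with keystream into `out`. */
void rc4_xor(struct rc4 *st, const uint8_t *in, uint8_t *out, size_t len)
{
    for (size_t k = 0; k < len; k++)
        out[k] = in[k] ^ rc4_next(st);
}

/* Key, drop `drop` bytes, encrypt `msg`, scrub the state.
 * Returns bytes written, or 0 if the key was rejected. */
size_t rc4_drop_encrypt(const uint8_t *key, size_t keylen, size_t drop,
                        const uint8_t *msg, size_t len, uint8_t *out)
{
    struct rc4 st;
    if (rc4_init(&st, key, keylen) != 0)
        return 0;
    rc4_drop(&st, drop);
    rc4_xor(&st, msg, out, len);
    memset(&st, 0, sizeof st);  /* do not leave the permutation in memory */
    return len;
}
```

With drop set to 0 the output matches the well-known RC4 test vector (key "Key", plaintext "Plaintext" gives BBF316E8D940AF0AD3); with drop set to 1024 the same call produces the plaintext XORed with keystream bytes 1024 onward, which is all the discard changes. The per-key cost is N PRGA steps, paid once at keying, not per byte.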