From: Eric Dumazet
Date: Wed, 27 Mar 2019 12:40:33 -0700
> According to Amit Klein and Benny Pinkas, IP ID generation is too weak
> and might be used by attackers.
>
> Even with recent net_hash_mix() fix (netns: provide pure entropy for
> net_hash_mix())
> having 64bit key and Jenkins hash is r
According to Amit Klein and Benny Pinkas, IP ID generation is too weak
and might be used by attackers.
Even with recent net_hash_mix() fix (netns: provide pure entropy for
net_hash_mix())
having 64bit key and Jenkins hash is risky.
It is time to switch to siphash and its 128bit keys.
Signed-off
