A new implementation of /dev/random has been proposed for the Linux kernel, freed from its dependence on SHA-1

Jason A. Donenfeld, author of the WireGuard VPN, has proposed an updated implementation of the RDRAND pseudo-random number generator, which is responsible for the operation of the /dev/random and /dev/urandom devices in the Linux kernel. At the end of November, Jason was added to the maintainers of the random driver, and he has now published the first results of his work on reworking it.

The new implementation is notable for switching from SHA1 to the BLAKE2s hash function for entropy mixing operations. The change improves the security of the pseudo-random number generator by getting rid of the problematic SHA1 algorithm and by no longer overwriting the RNG initialization vector. Since BLAKE2s outperforms SHA1, its use also has a positive effect on the performance of the pseudo-random number generator (testing on a system with an Intel i7-11850H processor showed a 131% increase in speed). Another advantage of moving entropy mixing to BLAKE2 is the unification of the algorithms in use: BLAKE2 is used in the ChaCha cipher, which is already used to extract random sequences.

In addition, improvements have been made to the cryptographically secure pseudo-random number generator (CRNG) used in calls. The improvements come down to limiting calls to the slow RDRAND generator when extracting entropy, which improves performance by 3.7 times. Jason showed that calling RDRAND only makes sense while the CRNG has not yet been fully initialized; once CRNG initialization is complete, its value does not affect the quality of the generated sequence, and the call to RDRAND can then be dispensed with.
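A simplified user-space model of the two changes described above, added here as an illustration and not taken from the kernel patches: inputs are mixed into a running BLAKE2s state, and the slow hardware source is consulted only until the pool counts as initialized. `ToyPool`, `hw_source`, `INIT_BITS` and the 256-bit threshold are assumptions of this sketch, and output is derived with keyed BLAKE2s from the standard library where the kernel uses ChaCha.

```python
import hashlib
import os


class ToyPool:
    """User-space model of a BLAKE2s entropy pool (illustrative, not kernel code)."""

    INIT_BITS = 256  # assumed threshold of credited entropy for "initialized"

    def __init__(self, hw_source=None):
        self._hash = hashlib.blake2s()  # the running BLAKE2s state is the pool
        self._credited_bits = 0
        # Stand-in for the slow RDRAND instruction; os.urandom is an assumption.
        self._hw_source = hw_source or (lambda: os.urandom(8))
        self.hw_calls = 0

    @property
    def initialized(self) -> bool:
        return self._credited_bits >= self.INIT_BITS

    def mix(self, data: bytes, credit_bits: int = 0) -> None:
        """Absorb one input. The length prefix keeps input boundaries unambiguous."""
        self._hash.update(len(data).to_bytes(4, "little") + data)
        self._credited_bits += credit_bits

    def extract(self) -> bytes:
        """Return 32 bytes, consulting the hardware source only before init."""
        if not self.initialized:
            self.hw_calls += 1
            self.mix(self._hw_source())  # mixed in, but credited with 0 bits
        seed = self._hash.copy().digest()
        out = hashlib.blake2s(b"output", key=seed).digest()
        # Restart the pool from the seed so the next call yields different output.
        self._hash = hashlib.blake2s(b"next", key=seed)
        return out


def demo() -> tuple:
    """Count hardware calls before and after the pool is initialized."""
    pool = ToyPool(hw_source=lambda: b"\x00" * 8)  # constructed, fixed input
    for _ in range(2):
        pool.extract()
    before = pool.hw_calls
    pool.mix(b"constructed interrupt timing sample", credit_bits=256)
    for _ in range(2):
        pool.extract()
    return before, pool.hw_calls


if __name__ == "__main__":
    print(demo())
```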

The changes are scheduled for inclusion in the 5.17 kernel and have already been reviewed by developers Ted Ts'o (the second maintainer of the random driver), Greg Kroah-Hartman (responsible for maintaining the stable branch of the Linux kernel) and Jean-Philippe Aumasson (author of the BLAKE2/3 algorithms).

Source: opennet.ru
