On Do, 25.04.19 13:14, Przemek Klosowski (przemek.klosow...@nist.gov) wrote:
> On 4/25/19 5:14 AM, Lennart Poettering wrote: > > For the hashtable seeds we use classic /dev/urandom (i.e. entropy from > > a possibly non-initialized pool) since it's OK if those seeds are > > crappy initially, as long as they get better over time, since we > > reseed if we see too many hash collisions. > > I thought that hashing would be fine with a completely predictable > generator, as long as the sequence itself is not correlated, i.e. it would > be OK if the sequence used for hashing was the same on every system. No, because then I can calculate in advance which hashes the target system uses and this still trigger the collisions. The seed hence must be hard to guess from the outside, and thus cannot follow a predictable scheme. > My point here is that actual entropy of the seeding is irrelevant, at all > times---would you agree? No, I would not agree. > That leaves the invocation IDs---the UUIDs need to be random to be truly > Universally Unique, but a limited entropy system is implicitly isolated, so > maybe the limited UUIDs could be seen as Universal in its very small > Universe. What is the time duration of the original invocation IDs? What are > the negative implication of the initial UUIDs being less random than the > subsequent ones? Invocation IDs are useful for globally pinpointing a specific service invocation. If the UUIDs would stop to be truly random then they'd stop being universally unique and thus stop being useful. Lennart -- Lennart Poettering, Berlin _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
