The best practice, which is fairly well-known from NIST and academic sources, is to use a strong (and expensive) RNG source to initialize a stream cipher. Preferably a trusted block cipher such as AES in a stream mode-of-operation should be used given the security history of stream ciphers, though RC4 may still be okay.
The stream output is by definition cryptographically still strong but computationally far less expensive random bytes. Definitely much cheaper than using a crypto hash function such as the note-quite-broken-yet SHA-1 or the obsolete MD4/5.
Why is a hack being implemented when a standard solution exist? Why is MD4 still in the kernel at all?
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds