Date: Mon, 15 Sep 1997 21:57:46 -0700 (PDT)
Organization: Atlas Telecom
From: Simon Shapiro
To: FreeBSD-Hackers@FreeBSD.org
Subject: Fast Encryption (in kernel) seeked

Hi! It's me again!

I have a specific integer (actually a pointer to a structure) which, for performance reasons, I want exported to userspace. What happens with this pointer is that sometime later it comes back to the kernel. I want a QUICK way to encrypt it so that a malicious user cannot send a bad address into the kernel.

The data comes and goes via a special /dev entry in the form of READ, WRITE and IOCTL. The pointer in question is to a small structure and the data in the structure is safe from corruption.

The reason for this mess is that the structure is created/annihilated via malloc/free and the process returning it to the kernel may not be the one that got it from the kernel. Instead of a key to search on, having the address is much faster. The security issue is obvious.

If I could have a FAST mechanism by which to ``sign'' the address, it would be an advantageous way to handle it. If I put just a unique signature that I have to then search for, well, I know how to do that, and actually already do that. XORing the pointer can be safe from accidents, but too easy to fake.

If this sounds like a harebrained idea, it probably is :-)

---
Sincerely Yours, (Sent on 15-Sep-97, 21:44:35 by XF-Mail)

Simon Shapiro
Atlas Telecom
Senior Architect
14355 SW Allen Blvd., Suite 130
Beaverton OR 97005
Shimon@i-Connect.Net
Voice: 503.643.5559, Emergency: 503.799.2313
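
The "sign the address" idea from the message above, sketched as an added example; it is not part of the original post and not FreeBSD code. It tags the address with a keyed MAC so the kernel can verify a returned value without a search. SipHash-2-4 is an assumed choice (the message names no algorithm), and `mac_key`, `handle`, `handle_seal`, `handle_open` and the key value are hypothetical names and constructed data.

```c
#include <stdint.h>
#include <stdio.h>

struct mac_key { uint64_t k0, k1; };      /* secret, generated once per boot */
struct handle  { uint64_t addr, tag; };   /* the value userspace holds */

#define ROTL(x, b) (((x) << (b)) | ((x) >> (64 - (b))))
#define SIPROUND do { \
    v0 += v1; v1 = ROTL(v1, 13); v1 ^= v0; v0 = ROTL(v0, 32); \
    v2 += v3; v3 = ROTL(v3, 16); v3 ^= v2; \
    v0 += v3; v3 = ROTL(v3, 21); v3 ^= v0; \
    v2 += v1; v1 = ROTL(v1, 17); v1 ^= v2; v2 = ROTL(v2, 32); \
} while (0)

/* SipHash-2-4 over one 8-byte message: the address itself. */
static uint64_t mac_addr(const struct mac_key *k, uint64_t addr)
{
    uint64_t v0 = k->k0 ^ 0x736f6d6570736575ULL;
    uint64_t v1 = k->k1 ^ 0x646f72616e646f6dULL;
    uint64_t v2 = k->k0 ^ 0x6c7967656e657261ULL;
    uint64_t v3 = k->k1 ^ 0x7465646279746573ULL;
    uint64_t len = (uint64_t)8 << 56;     /* final block: length in top byte */
    v3 ^= addr; SIPROUND; SIPROUND; v0 ^= addr;
    v3 ^= len;  SIPROUND; SIPROUND; v0 ^= len;
    v2 ^= 0xff; SIPROUND; SIPROUND; SIPROUND; SIPROUND;
    return v0 ^ v1 ^ v2 ^ v3;
}

/* Kernel -> user: export the address together with its tag. */
static struct handle handle_seal(const struct mac_key *k, const void *p)
{
    uint64_t a = (uint64_t)(uintptr_t)p;
    return (struct handle){ a, mac_addr(k, a) };
}

/* User -> kernel: the pointer if the tag verifies, NULL otherwise. */
static void *handle_open(const struct mac_key *k, struct handle h)
{
    return mac_addr(k, h.addr) == h.tag ? (void *)(uintptr_t)h.addr : NULL;
}

int main(void)
{
    struct mac_key k = { 0x0706050403020100ULL, 0x0f0e0d0c0b0a0908ULL }; /* constructed */
    int obj = 0;
    struct handle h = handle_seal(&k, &obj), bad = h;
    bad.addr ^= 0x10;                     /* address altered, tag left as issued */
    printf("genuine: %s, altered: %s\n", handle_open(&k, h) ? "accepted" : "rejected",
           handle_open(&k, bad) ? "accepted" : "rejected");
    return 0;
}
```

A tag that verifies shows only that the kernel issued this address under the current key. It does not show that the structure is still allocated, so a handle kept past the free still verifies.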