Re: [PATCH 0/4] crypto: caam - add ecb mode support
On Thu, Feb 14, 2019 at 09:54:47PM -0800, Eric Biggers wrote: > > Sure, but the bar shouldn't be so low that new implementations of insecure > algorithms the world is moving away from are accepted without a real use case. > We should be moving towards removing these algorithms instead. The original > DES > is especially bad as it only has a 56-bit key. I'd like to better understand > if/why people claim to not only still need these algorithms in 2019, but also > need brand new implementations of them. If we're going to remove DES then we should remove all implementations of it and not single out a single driver. Cheers, -- Email: Herbert Xu Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Re: [PATCH 0/4] crypto: caam - add ecb mode support
On Fri, Feb 15, 2019 at 01:24:42PM +0800, Herbert Xu wrote: > On Wed, Feb 13, 2019 at 10:51:36AM -0800, Eric Biggers wrote: > > > > You are claiming you need DES-ECB, 3DES-ECB, *and* ARC4 for that? > > > > Which one is it actually, if any? > > Since these are existing algorithms in the crypto API and we're > simply adding them to the driver I think the bar of acceptance > is lower than if it were a completely new addition to the kernel. > > Thanks, > -- > Email: Herbert Xu > Home Page: http://gondor.apana.org.au/~herbert/ > PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt Sure, but the bar shouldn't be so low that new implementations of insecure algorithms the world is moving away from are accepted without a real use case. We should be moving towards removing these algorithms instead. The original DES is especially bad as it only has a 56-bit key. I'd like to better understand if/why people claim to not only still need these algorithms in 2019, but also need brand new implementations of them. - Eric
Re: [PATCH 0/4] crypto: caam - add ecb mode support
On Wed, Feb 13, 2019 at 10:51:36AM -0800, Eric Biggers wrote: > > You are claiming you need DES-ECB, 3DES-ECB, *and* ARC4 for that? > > Which one is it actually, if any? Since these are existing algorithms in the crypto API and we're simply adding them to the driver I think the bar of acceptance is lower than if it were a completely new addition to the kernel. Thanks, -- Email: Herbert Xu Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Re: [PATCH 0/4] crypto: caam - add ecb mode support
On Fri, Feb 08, 2019 at 03:50:06PM +0200, Iuliana Prodan wrote: > This patch set adds ecb mode support for aes, des, 3des and arc4 ciphers. > skcipher implementation is reused, making sure to handle the no IV case. > > While here: > -fix a DMA API issue where initial src/dst_nents are used instead of nents > returned by dma_map_sg() > -export arc4 defines in a common header > -update cbc des and 3des to check for weak keys > > Iuliana Prodan (4): > crypto: caam - use mapped_{src,dst}_nents for job descriptor > crypto: export arc4 defines > crypto: caam - add ecb(*) support > crypto: caam - weak key checking for cbc des, 3des > > crypto/arc4.c | 5 +- > drivers/crypto/bcm/cipher.h| 4 +- > drivers/crypto/caam/Kconfig| 1 + > drivers/crypto/caam/caamalg.c | 215 > - > drivers/crypto/caam/caamalg_desc.c | 18 ++-- > drivers/crypto/caam/compat.h | 1 + > include/crypto/arc4.h | 13 +++ > 7 files changed, 195 insertions(+), 62 deletions(-) > create mode 100644 include/crypto/arc4.h All applied. Thanks. -- Email: Herbert Xu Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Re: [PATCH 0/4] crypto: caam - add ecb mode support
On 2/8/2019 3:51 PM, Iuliana Prodan wrote: > This patch set adds ecb mode support for aes, des, 3des and arc4 ciphers. > skcipher implementation is reused, making sure to handle the no IV case. > For the series: Reviewed-by: Horia Geantă Thanks, Horia
Re: [PATCH 0/4] crypto: caam - add ecb mode support
On Wed, Feb 13, 2019 at 06:45:16PM +, Horia Geanta wrote: > On 2/9/2019 11:52 PM, Eric Biggers wrote: > > Do you have an actual use case for adding more DES, 3DES, and ARC4 > > implementations, or are you simply adding them because the hardware happens > > to > > supports it? These old ciphers are insecure, so IMO more implementations > > should > > only be added if there is a real use case where they're absolutely needed. > > > One legit use case is PIN encryption in Point of Sale solution. > > Horia You are claiming you need DES-ECB, 3DES-ECB, *and* ARC4 for that? Which one is it actually, if any?
Re: [PATCH 0/4] crypto: caam - add ecb mode support
On 2/9/2019 11:52 PM, Eric Biggers wrote: > Do you have an actual use case for adding more DES, 3DES, and ARC4 > implementations, or are you simply adding them because the hardware happens to > supports it? These old ciphers are insecure, so IMO more implementations > should > only be added if there is a real use case where they're absolutely needed. > One legit use case is PIN encryption in Point of Sale solution. Horia
Re: [PATCH 0/4] crypto: caam - add ecb mode support
Hi Iuliana, On Fri, Feb 08, 2019 at 03:50:06PM +0200, Iuliana Prodan wrote: > This patch set adds ecb mode support for aes, des, 3des and arc4 ciphers. > skcipher implementation is reused, making sure to handle the no IV case. > > While here: > -fix a DMA API issue where initial src/dst_nents are used instead of nents > returned by dma_map_sg() > -export arc4 defines in a common header > -update cbc des and 3des to check for weak keys > > Iuliana Prodan (4): > crypto: caam - use mapped_{src,dst}_nents for job descriptor > crypto: export arc4 defines > crypto: caam - add ecb(*) support > crypto: caam - weak key checking for cbc des, 3des > Do you have an actual use case for adding more DES, 3DES, and ARC4 implementations, or are you simply adding them because the hardware happens to supports it? These old ciphers are insecure, so IMO more implementations should only be added if there is a real use case where they're absolutely needed. - Eric
[PATCH 0/4] crypto: caam - add ecb mode support
This patch set adds ecb mode support for aes, des, 3des and arc4 ciphers. skcipher implementation is reused, making sure to handle the no IV case. While here: -fix a DMA API issue where initial src/dst_nents are used instead of nents returned by dma_map_sg() -export arc4 defines in a common header -update cbc des and 3des to check for weak keys Iuliana Prodan (4): crypto: caam - use mapped_{src,dst}_nents for job descriptor crypto: export arc4 defines crypto: caam - add ecb(*) support crypto: caam - weak key checking for cbc des, 3des crypto/arc4.c | 5 +- drivers/crypto/bcm/cipher.h| 4 +- drivers/crypto/caam/Kconfig| 1 + drivers/crypto/caam/caamalg.c | 215 - drivers/crypto/caam/caamalg_desc.c | 18 ++-- drivers/crypto/caam/compat.h | 1 + include/crypto/arc4.h | 13 +++ 7 files changed, 195 insertions(+), 62 deletions(-) create mode 100644 include/crypto/arc4.h -- 2.1.0