From: Ard Biesheuvel <email@example.com> To: Denis Kenzior <firstname.lastname@example.org> Cc: Linux Crypto Mailing List <email@example.com>, Herbert Xu <firstname.lastname@example.org>, Eric Biggers <email@example.com>, ronnie sahlberg <firstname.lastname@example.org>, linux-cifs <email@example.com>, Steve French <firstname.lastname@example.org>, David Howells <email@example.com>, firstname.lastname@example.org Subject: Re: [PATCH 0/2] crypto: remove MD4 generic shash Date: Wed, 18 Aug 2021 18:10:46 +0200 [thread overview] Message-ID: <CAMj1kXEjHojAZ0_DPkogHAbmS6XAOFN3t8-4VB0+zN8ruTPVCg@mail.gmail.com> (raw) In-Reply-To: <email@example.com> On Wed, 18 Aug 2021 at 16:51, Denis Kenzior <firstname.lastname@example.org> wrote: > > Hi Ard, > > On 8/18/21 9:46 AM, Ard Biesheuvel wrote: > > As discussed on the list , MD4 is still being relied upon by the CIFS > > driver, even though successful attacks on MD4 are as old as Linux > > itself. > > > > So let's move the code into the CIFS driver, and remove it from the > > crypto API so that it is no longer exposed to other subsystems or to > > user space via AF_ALG. > > > > Can we please stop removing algorithms from AF_ALG? I don't think we can, to be honest. We need to have a deprecation path for obsolete and insecure algorithms: the alternative is to keep supporting a long tail of broken crypto indefinitely. > The previous ARC4 removal > already caused some headaches . This is the first time this has been reported on an upstream kernel list. As you know, I went out of my way to ensure that this removal would happen as smoothly as possible, which is why I contributed code to both iwd and libell beforehand, and worked with distros to ensure that the updated versions would land before the removal of ARC4 from the kernel. It is unfortunate that one of the distros failed to take that into account for the backport of a newer kernel to an older distro release, but I don't think it is fair to blame that on the process. > Please note that iwd does use MD4 for MSCHAP > and MSCHAPv2 based 802.1X authentication. > Thanks for reporting that. So what is your timeline for retaining MD4 support in iwd? You are aware that it has been broken since 1991, right? Please, consider having a deprecation path, so we can at least agree on *some* point in time (in 6 months, in 6 years, etc) where we can start culling this junk.
next prev parent reply other threads:[~2021-08-18 16:11 UTC|newest] Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top 2021-08-18 14:46 Ard Biesheuvel 2021-08-18 14:51 ` Denis Kenzior 2021-08-18 16:10 ` Ard Biesheuvel [this message] 2021-08-18 16:23 ` Denis Kenzior 2021-08-18 16:47 ` Steve French 2021-08-18 22:08 ` Jeremy Allison 2021-08-19 3:49 ` Andrew Bartlett 2021-08-19 5:18 ` Eric Biggers 2021-08-19 5:23 ` Andrew Bartlett 2021-08-18 21:11 ` ronnie sahlberg 2021-08-18 22:10 ` Ard Biesheuvel 2021-08-18 22:22 ` Denis Kenzior 2021-08-18 23:03 ` Steve French 2021-08-19 16:56 ` Denis Kenzior 2021-08-19 10:42 ` Jarkko Sakkinen 2021-08-19 17:10 ` Steve French 2021-08-19 20:54 ` ronnie sahlberg
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=CAMj1kXEjHojAZ0_DPkogHAbmS6XAOFN3t8-4VB0+zN8ruTPVCg@mail.gmail.com \ --email@example.com \ --firstname.lastname@example.org \ --email@example.com \ --firstname.lastname@example.org \ --email@example.com \ --firstname.lastname@example.org \ --email@example.com \ --firstname.lastname@example.org \ --email@example.com \ --firstname.lastname@example.org \ --subject='Re: [PATCH 0/2] crypto: remove MD4 generic shash' \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).