Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-0.6 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, FREEMAIL_REPLYTO_END_DIGIT,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SPF_PASS,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9B299C43381 for ; Mon, 1 Apr 2019 12:43:52 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 63C7C20883 for ; Mon, 1 Apr 2019 12:43:52 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=protonmail.ch header.i=@protonmail.ch header.b="B8kHUbHl" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726163AbfDAMnv (ORCPT ); Mon, 1 Apr 2019 08:43:51 -0400 Received: from mail-40136.protonmail.ch ([185.70.40.136]:22545 "EHLO mail-40136.protonmail.ch" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725897AbfDAMnv (ORCPT ); Mon, 1 Apr 2019 08:43:51 -0400 Date: Mon, 01 Apr 2019 12:43:43 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.ch; s=default; t=1554122628; bh=4NWbnXo7XxP9JL9DZ3XnvE8TxMbWswVTWUBTMTy30BQ=; h=Date:To:From:Cc:Reply-To:Subject:In-Reply-To:References: Feedback-ID:From; b=B8kHUbHlJr3C9lArS+V/VUSCPZ9d5Ukz8EJDkUlvreiY/U8prjSTa1RmB9BTaRwiM xH65ySyX8D/Y4psDygaP4VAV4lDmOa0KyBgPKH0Ga3d0n5l265ec2Yw9o/ZY/xUJJy 0HtRKzCuOcjk93HuvYg0BIPssQFhzrHGuNSI8xEE= To: Pascal Van Leeuwen From: Jordan Glover Cc: Vitaly Chikunov , Eric Biggers , Theodore Ts'o , "Jason A. Donenfeld" , "herbert@gondor.apana.org.au" , "linux-crypto@vger.kernel.org" Reply-To: Jordan Glover Subject: RE: Should we consider removing Streebog from the Linux Kernel? Message-ID: In-Reply-To: References: <20190325044550.GI5675@mit.edu> <20190325060041.wl23bncqjab7dj5c@altlinux.org> <20190331224329.GA681@sol.localdomain> <20190401100437.6tivlvp53zjprda6@altlinux.org> Feedback-ID: QEdvdaLhFJaqnofhWA-dldGwsuoeDdDw7vz0UPs8r8sanA3bIt8zJdf4aDqYKSy4gJuZ0WvFYJtvq21y6ge_uQ==:Ext:ProtonMail MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Monday, April 1, 2019 11:44 AM, Pascal Van Leeuwen wrote: > > On Monday, April 1, 2019 10:04 AM, Vitaly Chikunov vt@altlinux.org wrot= e: > > > > > > Can you elaborate on why you want to use Streebog? When we added > > > > Speck, we explained in great detail why it was useful from a > > > > technical perspective (before Adiantum was ready). I don't see any = such > > > > explanation for Streebog. > > > > > > Our users demand that file integrity is implemented using their > > > national standard algorithm. > > > Thanks, > > > > Does it mean that every state can demand from Linux kernel to carrying = crypto > > algorithms of their choice? > > I doubt that states can have that kind of leverage over the main linux ke= rnel, > but they DO have that kind of leverage over local companies and individua= ls. > And it is not uncommon for states not to trust any "western" crypto and > mandate(!) the use of specific home-grown algorithms instead. > So if you need to facilitate such requirements from your device incorpora= ting > Linux, it's terribly convenient for those algorithms to be part of the ma= inline kernel. > As the alternative would be to either maintain those outside of the kerne= l tree > or to fork the kernel in its entirety, considering you must support them. > So if they have leverage over companies and individuals they have leverage = over the linux kernel too :) I wonder what will be the limits of this leverage. Imagine some state (east= ern or western, north or south) starts to require using backdoored crypto because = they don't trust something they can't break. Will linux kernel comply? > i.e. you can't blame them for trying ... and what WOULD be a good reason = for > including a certain algorithm anyway? > Technical soundness and problems it solves. Speck was already given as exam= ple. It was needed due to performance constraints on lower-end devices and when = it wasn't needed anymore it was thrown to the bin. > Regards, > Pascal, HW Security Architect Jordan