From: Ard Biesheuvel
Date: Mon, 17 Jun 2019 16:39:45 +0200
Subject: Re: [RFC PATCH 0/3] crypto: switch to shash for ESSIV generation
To: Milan Broz
Cc: Gilad Ben-Yossef, Eric Biggers, device-mapper development,
    linux-fscrypt@vger.kernel.org, Linux Crypto Mailing List, Herbert Xu

On Mon, 17 Jun 2019 at 16:35, Milan Broz wrote:
>
> On 17/06/2019 15:59, Ard Biesheuvel wrote:
> >
> > So my main question/showstopper at the moment is: which modes do we
> > need to support for ESSIV? Only CBC? Any skcipher? Or both skciphers
> > and AEADs?
>
> Support, or cover by internal test? I think you need to support everything
> that dmcrypt currently allows, if you want to port dmcrypt to new API.
>
> I know of many systems that use aes-xts-essiv:sha256 (it does not make sense
> much but people just use it).
>
> Some people use serpent and twofish, but we allow any cipher that fits...
>

Sure, that is all fine

> For the start, run this
> https://gitlab.com/cryptsetup/cryptsetup/blob/master/tests/mode-test
>
> In other words, if you add some additional limit, we are breaking backward compatibility.
> (Despite the configuration is "wrong" from the security point of view.)
>

Yes, but breaking backward compatibility only happens if you break
something that is actually being *used*. So sure,
xts(aes)-essiv:sha256 makes no sense but people use it anyway. But is
that also true for, say, gcm(aes)-essiv:sha256 ?