Received: by 2002:a05:6a10:1d13:0:0:0:0 with SMTP id pp19csp586128pxb; Wed, 18 Aug 2021 09:11:49 -0700 (PDT) X-Google-Smtp-Source: ABdhPJz2kb8C/6n31BmheGvSJsbRVyufq8QEcZbTAgcggbh9AV9vy7CE9/gqYKu+ZnXEf9It89DH X-Received: by 2002:a17:907:2bc1:: with SMTP id gv1mr10970553ejc.58.1629303109537; Wed, 18 Aug 2021 09:11:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1629303109; cv=none; d=google.com; s=arc-20160816; b=sFN6dvGKwq/0fzfagEfHeiD/sTaoGPSZB0Ga4HqhkVf50BXmGj613vUhJFs3O+N+p7 DJ4WNRdirxdXpI82VcLqOGbB0PTH5yDkbkM4A8cmUlDT0jhcbupkFs9CGvVA9ypvU8wa Q6WpwfOc8ciscHHvws+ycgnYPqLDh6LMxD7ndeftYg/qC7qkDBXe240CUMI+qiCBeokh 1Jri1RM8R4aiuasMIxc7vHhmY5l7y/KTWqDWTqjUq590mcz4zjhMY3FrwH46Tu+3TduR 7+3/chQfLZi6Om9AHngELFwi60Un5tyFoR66iV0i3O5DLOxkVMaYUV60PXqHfIAUCKA9 sOJg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=dXv0lrqow3lg7bdI0o1KPNUv3E0ppBU50yepXB3/gQc=; b=kkn5GOXH2uL88mHXbVfBKSsISnk8b6q2RruLE/eUfUDiKI+jlSJwHXozKzIrPOEdqc Phv5JogstmMTfhrB16OzPSesfXNRpuzS4BxrYfxz0YV2dx1hr7KweI8EZ/SCHVfo0zIm wpVj+OVpXkHlhBorTarNnNSyyYBEQ50nzltYpjSOe526r9W82W0CfCdcb2/9QjeLSDzA cr4MdxRTC0FWMTF7HGh9k/ln/uOsEUS+lOR9TC5kWJkXxc2I4RU6MXk/s11ze5EN+y7M WGUyts1otSX7rUzXdhFehGemprBUBaAxnLSGqZpZRQCROJqu1uVbPpVM8DFHirKqTxwd T5Ow== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=K8USbrDC; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id u14si374562ejy.78.2021.08.18.09.11.06; Wed, 18 Aug 2021 09:11:49 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=K8USbrDC; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229558AbhHRQLd (ORCPT + 99 others); Wed, 18 Aug 2021 12:11:33 -0400 Received: from mail.kernel.org ([198.145.29.99]:40298 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229454AbhHRQLd (ORCPT ); Wed, 18 Aug 2021 12:11:33 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 9D5E86103A; Wed, 18 Aug 2021 16:10:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1629303058; bh=6hd4iGGRYaw8mCPChpLy5dTqNktMmwKuY5LAOhFNPR0=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=K8USbrDC2uta8S/2bfhGsNPrYSlkMBLgg385YsOnlH2jQ16Iwd3ZJTJsOs1eDfi1R sbI5PnIj4RUdL9RMBnrDjF8RT6hLMvf+Ztm/7+yW8uLHdp/tJtTYVkp7cs/sByJY6I MwCpLqYqUK8C16ZqyvpipV2PTIJfFwSAtxBvsfh6zH6K/EhYdhPevVJmOAPhO7ByZS 5q5e2Y5uZ0t05dXq/UZ3R/2pEecyE7vmxaZdCdlLbDyNPZOqfdTl8q1KIiC9bNBxg0 fbu7U7xgHZEZGYvOUllWHhrI4wRe5ZOgUrVcp5f9pP06DwvN5ADdLgwwIyJdS02m0p 99JZc/3hClpjA== Received: by mail-ot1-f51.google.com with SMTP id c19-20020a9d6153000000b0051829acbfc7so4699440otk.9; Wed, 18 Aug 2021 09:10:58 -0700 (PDT) X-Gm-Message-State: AOAM533v5bFYXMiYUfrP12gLnkYSjVZgjYGa1UIRv19F6WkG1HjYX2w0 zAvkbGGnyG8bchBjSnTjOYsRYGgPKRhFWwK5FpE= X-Received: by 2002:a05:6830:47:: with SMTP id d7mr7525291otp.108.1629303058007; Wed, 18 Aug 2021 09:10:58 -0700 (PDT) MIME-Version: 1.0 References: <20210818144617.110061-1-ardb@kernel.org> <946591db-36aa-23db-a5c4-808546eab762@gmail.com> In-Reply-To: <946591db-36aa-23db-a5c4-808546eab762@gmail.com> From: Ard Biesheuvel Date: Wed, 18 Aug 2021 18:10:46 +0200 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH 0/2] crypto: remove MD4 generic shash To: Denis Kenzior Cc: Linux Crypto Mailing List , Herbert Xu , Eric Biggers , ronnie sahlberg , linux-cifs , Steve French , David Howells , keyrings@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Wed, 18 Aug 2021 at 16:51, Denis Kenzior wrote: > > Hi Ard, > > On 8/18/21 9:46 AM, Ard Biesheuvel wrote: > > As discussed on the list [0], MD4 is still being relied upon by the CIFS > > driver, even though successful attacks on MD4 are as old as Linux > > itself. > > > > So let's move the code into the CIFS driver, and remove it from the > > crypto API so that it is no longer exposed to other subsystems or to > > user space via AF_ALG. > > > > Can we please stop removing algorithms from AF_ALG? I don't think we can, to be honest. We need to have a deprecation path for obsolete and insecure algorithms: the alternative is to keep supporting a long tail of broken crypto indefinitely. > The previous ARC4 removal > already caused some headaches [0]. This is the first time this has been reported on an upstream kernel list. As you know, I went out of my way to ensure that this removal would happen as smoothly as possible, which is why I contributed code to both iwd and libell beforehand, and worked with distros to ensure that the updated versions would land before the removal of ARC4 from the kernel. It is unfortunate that one of the distros failed to take that into account for the backport of a newer kernel to an older distro release, but I don't think it is fair to blame that on the process. > Please note that iwd does use MD4 for MSCHAP > and MSCHAPv2 based 802.1X authentication. > Thanks for reporting that. So what is your timeline for retaining MD4 support in iwd? You are aware that it has been broken since 1991, right? Please, consider having a deprecation path, so we can at least agree on *some* point in time (in 6 months, in 6 years, etc) where we can start culling this junk.