Received: by 2002:a05:6a10:1d13:0:0:0:0 with SMTP id pp19csp61661pxb; Wed, 18 Aug 2021 16:04:28 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzkwUTmOa8G0rGgrRwqFVR+4bc6+WLW6/xC0tA6u+WMkdM7DDh8jHrY6MzCx9/0v/hz60Ss X-Received: by 2002:a5d:8596:: with SMTP id f22mr9216264ioj.147.1629327868229; Wed, 18 Aug 2021 16:04:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1629327868; cv=none; d=google.com; s=arc-20160816; b=oC9g/dvrfEM7kMAefzcmgzhq8c90j5krL5bcdShQdpXCDclqUgj+EsN1o+d2xLdhL2 +WEYl/OUaQVkwCcTgJDw2xSBAiuObEh9lkhYxPLsVjME19xPGCSXujoRrlAQO6WKrgoN RBrCvqel5AQX0KOCM3/8LO6WjL3hr5wGxGD0YfRJ9KiNL9jQZYYtLunK0yiBnREUpjpR 3WylCOOz+Jx8KjtEvOcctGnpJ3JyGuWZ7DcLejIuyVMkX+T6CjDjgP+yn+j49UJdu7Oh U9gXuZ7WVFa3dKUr4VqsNRARmCQQSEYnuJuY1rtfGXx0vw3EN9KPCyt3v5ykRh9o7wD6 2WqQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=8Z1R2fYrOTNobmlJ+3vB5EQ4usNEedoji07UX/UXLZ0=; b=xhMnsMSBsQ9MWn1FoILIV3eViINN4ZOBzYQ6fAJEA6z1FjWdKdp8Mo1mhk+AkQasgu t156ORhTKrOLb+q9UYJlJeZSJqyOrczuujDC4CG8eSX5PWC3ekv3fg/33+VzjHksUsI3 PfbAMZHGaJ4KMubfztaPTLoP/fGA5nvu23PNMne6mY5ASs/gdO8TjktW9XCosEnp1r6E V5i6XCSMDR0CZCGMyDuxIahdaN7dxZlQAb+IDO3bPl+m3hWLw+7DHAtKBCaaE0VE37hU znT9J0WpXopcbh9vAUUwFVf6MotNhklyRrxuFujN6iGD5tNLeU69o0o9PKtXyV/xwR4G uHRw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=bhiznbVn; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id c1si1407010ilo.83.2021.08.18.16.04.06; Wed, 18 Aug 2021 16:04:28 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=bhiznbVn; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234642AbhHRXEi (ORCPT + 99 others); Wed, 18 Aug 2021 19:04:38 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56836 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229478AbhHRXEi (ORCPT ); Wed, 18 Aug 2021 19:04:38 -0400 Received: from mail-lf1-x132.google.com (mail-lf1-x132.google.com [IPv6:2a00:1450:4864:20::132]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C6F81C061764; Wed, 18 Aug 2021 16:04:02 -0700 (PDT) Received: by mail-lf1-x132.google.com with SMTP id g13so8148229lfj.12; Wed, 18 Aug 2021 16:04:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=8Z1R2fYrOTNobmlJ+3vB5EQ4usNEedoji07UX/UXLZ0=; b=bhiznbVnEElfdRFu5TOHs3MZd9U86RLjG+RsUU898sYZlmi8E4xAcRhy+WpNWWeCDY /z1H9MCRx3dojy3XQXAbMs02Ix0261vSBEEYzSnps/vmwNL6fX0oE69uOaJQrt1w00Mu giLOtN7RVaT1P84/tTtRJa7B0bXTIsnZY8KZQ+xc6FUeCt3JgHjytvqvLl7PlVeRSoc5 skImqy9Yd2S3yyKtHodkB7JEG5vGrYxkvr65UTuuw2qAANVDDsRHQ6aimPJ/ajaOfHt2 VPKv6u5AiLvavRpMsuFaAEUjAvxREtwsF/sD1agnKfjPa3dLSyRoyLOjyvbgMq9IXxiH Z/VA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=8Z1R2fYrOTNobmlJ+3vB5EQ4usNEedoji07UX/UXLZ0=; b=JgXA78q8ahQFUVl8r8NyvC6Iw3mR7K9LgUYhM4lQZmzxtvZTW3a0xteMNxfNrtylzJ SF2MdikMG+qD21A3rlINhat5nYytFQFf3cm+oZXcmsi27DQKQPdcwbQVM5OIH5zu8wlj lSFXFHaK8hRPVhHLgBApRyG48H2MCws5mRhYSyFkhRGkYnLqZHv5/96X/mnIpTrdcB8y VOuXzrg6CnODEpYi/ixi+rYTJ0cTJduILpU/P/IQiVYXETte5ZDWNJvq3+ER9BObYdAb WtoMKt9yeLAXw6lYrLwhstLIWNKGT489FtKKY23/KC2JtBhoENE3oycAmHgK7g6OADiZ dbxA== X-Gm-Message-State: AOAM532/soaUl8ESDW1WIrS3zGYmrsFmj+0MsL2uf9dxi4hR7YH1kJ7n bFDY/qe8Vo0ebsgxR2NbMdFhRixTvIye/2lMJ1E= X-Received: by 2002:ac2:4350:: with SMTP id o16mr8377063lfl.184.1629327841043; Wed, 18 Aug 2021 16:04:01 -0700 (PDT) MIME-Version: 1.0 References: <20210818144617.110061-1-ardb@kernel.org> <946591db-36aa-23db-a5c4-808546eab762@gmail.com> <24606605-71ae-f918-b71a-480be7d68e43@gmail.com> In-Reply-To: From: Steve French Date: Wed, 18 Aug 2021 18:03:50 -0500 Message-ID: Subject: Re: [PATCH 0/2] crypto: remove MD4 generic shash To: Denis Kenzior Cc: Ard Biesheuvel , Linux Crypto Mailing List , Herbert Xu , Eric Biggers , ronnie sahlberg , linux-cifs , Steve French , David Howells , keyrings@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Wed, Aug 18, 2021 at 5:22 PM Denis Kenzior wrote: > > Hi Ard, > > >> That is not something that iwd has any control over though? We have to support > >> it for as long as there are organizations using TTLS + MD5 or PEAPv0. There > > Ah, my brain said MSCHAP but my fingers typed MD5. > > >> are still surprisingly many today. > >> > > > > Does that code rely on MD4 as well? > > > > But the answer is yes. Both PEAP and TTLS use MSCHAP or MSCHAPv2 in some form. > These are commonly used for Username/Password based WPA(2|3)-Enterprise > authentication. Think 'eduroam' for example. Can you give some background here? IIRC MS-CHAPv2 is much worse than the NTLMSSP case in cifs.ko (where RC4/MD5 is used narrowly). Doesn't MS-CHAPv2 depend on DES? -- Thanks, Steve