Received: by 2002:a05:6a10:1d13:0:0:0:0 with SMTP id pp19csp272833pxb;
        Wed, 18 Aug 2021 22:19:17 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJx2c3KHCGOHA8082s/j6nOsCHMeHUD0QRRYNSmNb0Gs1Itx8XCFKWdOsqTyQWGl2OmetPk8
X-Received: by 2002:aa7:d44c:: with SMTP id q12mr14443953edr.57.1629350357241;
        Wed, 18 Aug 2021 22:19:17 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1629350357; cv=none;
        d=google.com; s=arc-20160816;
        b=MtxyujOGg8tPN2k/N6KKiHM3GTWa/SxC8/oRL4o0vVaiGpxq8OQ/Hp4fsnoPiVdDfS
         +1ci2u93F/GBvGIRLO6INZMw1A7RIbnee4s4tUJal/S96L67pFxJAGHY4aPmWL/X47eU
         aCRJv7h0EKbQG68S+tLTFsNTFqmdUxAxVJsR8JEAT99ob5ZvdKELIWSqn2HUiWM8BVaL
         pJ/D5pq+I/iOzUxzdCMIjpwcn80i+fWbWoUjJbEsX7I/gEo9eINeJHTCq45W9PCvzNaR
         zgvq4rOi64oZSlBDLB8OEFO9bOVsXqli8i5Ih0pAZd20S9QcHmK1mWaKV8uSgfOap2fV
         Ivkw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date:dkim-signature;
        bh=tdGnFAlZUgj3/1EsbrliaVq8VNjI3t4ieJw8a+roxL4=;
        b=YKwZfJTLages20ydU5KlJN2iYcniobKIXwugQr4OpS2totnw7dSG4yyc6eIExlph1F
         +eyvyBMjrlE6SQlyaJ8qDetvDSHoqBpOxQB1h1U9Fydt58YUST1oyflz3IlTIa4vySz7
         LuSATGkHfocqvEvA5ervMVTzUjlUaPeH/GMy6f2vI+NB6tRVw1idNlewW/kvm7nKfMFM
         CRdTkV8FL1lB7mdYZD9JxMPROGRWFzOVeNNw/nkXRP5VwS5OjXJg8CnZuU3Ed63VD0x9
         ysh0+krWGjphrfKEAn2s0Y+WcyBeraZQKPfw5DfPP6cZlI3Y3zQDrf/bCbreA34TySo7
         Q9gQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=YAxEpkeM;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id zn21si2320899ejb.340.2021.08.18.22.18.41;
        Wed, 18 Aug 2021 22:19:17 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=YAxEpkeM;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S229868AbhHSFSl (ORCPT <rfc822;will.sands.v@gmail.com>
        + 99 others); Thu, 19 Aug 2021 01:18:41 -0400
Received: from mail.kernel.org ([198.145.29.99]:54548 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S229451AbhHSFSk (ORCPT <rfc822;linux-crypto@vger.kernel.org>);
        Thu, 19 Aug 2021 01:18:40 -0400
Received: by mail.kernel.org (Postfix) with ESMTPSA id AFD9761107;
        Thu, 19 Aug 2021 05:18:04 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=k20201202; t=1629350285;
        bh=eUe4iHnO0QHSuRxWzei4ahFKR+9XbVenRz1m8RYT/Po=;
        h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
        b=YAxEpkeMOOlK+qVLQkf/bw0q39y8+yKlOzTlwmF4dZ2BQaF03yq0t3lgO29d3NuRx
         ta/DGg9tUOjujlyFjUNE01uxBdwjAW4i8n/J1xy9MbM8/B7RKksI4tDPvtu+h9nDLz
         w+OA6QaSSNRwHlbdyozyguXwQWd1efrSBoqwj7xv+8Hd0IrCtKom2MOAHEpXMGcH2c
         Bxa0kP0F9ZWvMRj0e3EIGlpoyk6YskjrZc2etlbIgq5CR7yJ+N8DnAhOiKeCeF9ntH
         Tlcz3wnrI5eTZwmYFVW/i2vOZugfWZfNnxb631vcykVm3Bqtgj4nCyfiDhONSMXxDZ
         KX3j8igFhCS1g==
Date:   Wed, 18 Aug 2021 22:18:03 -0700
From:   Eric Biggers <ebiggers@kernel.org>
To:     Andrew Bartlett <abartlet@samba.org>
Cc:     Jeremy Allison <jra@samba.org>, Steve French <smfrench@gmail.com>,
        linux-cifs <linux-cifs@vger.kernel.org>,
        Herbert Xu <herbert@gondor.apana.org.au>,
        samba-technical <samba-technical@lists.samba.org>,
        David Howells <dhowells@redhat.com>,
        Steve French <sfrench@samba.org>, keyrings@vger.kernel.org,
        Linux Crypto Mailing List <linux-crypto@vger.kernel.org>,
        Ard Biesheuvel <ardb@kernel.org>,
        Denis Kenzior <denkenz@gmail.com>
Subject: Re: [PATCH 0/2] crypto: remove MD4 generic shash
Message-ID: <YR3pi9HEbhknJdl6@sol.localdomain>
References: <20210818144617.110061-1-ardb@kernel.org>
 <946591db-36aa-23db-a5c4-808546eab762@gmail.com>
 <CAMj1kXEjHojAZ0_DPkogHAbmS6XAOFN3t8-4VB0+zN8ruTPVCg@mail.gmail.com>
 <24606605-71ae-f918-b71a-480be7d68e43@gmail.com>
 <CAH2r5muhHnrAbu-yX3h1VPjW+2CUyUtSCzyoOs7MXw=fE7HA_Q@mail.gmail.com>
 <YR2E2FZNdMj2xl+0@jeremy-acer>
 <d08c99b8550cc48fe04cc9f4cd5eca0532f5733d.camel@samba.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <d08c99b8550cc48fe04cc9f4cd5eca0532f5733d.camel@samba.org>
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

On Thu, Aug 19, 2021 at 03:49:14PM +1200, Andrew Bartlett wrote:
> I know neither MD4 nor HMAC-MD5 is not flavour of the month any more,
> with good reason, but we would not want to go with way of NFSv4 which
> is, as I understand it, full Kerberos or bust (so folks choose no
> protection).

I'm not sure you understand how embarrassing it is to still be using these
algorithms.  MD4 has been broken for over 25 years, and better algorithms have
been recommended for 29 years.  Similarly MD5 has been broken for 16 years and
better algorithms have been recommended for 25 years (though granted, HMAC-MD5
is more secure than plain MD5 when properly used).  Meanwhile SHA-2 is 20 years
old and is still considered secure.  So this isn't something that changes every
month -- we're talking about no one bothering to do anything in 30 years.

Of course, if cryptography isn't actually applicable to the use case, then
cryptography shouldn't be used at all.

- Eric