As I've been working on OpenCrypto, I've noticed that we have some
ciphers that OpenBSD does not... As we haven't had a maintainer for
the code, no one has been evaluating which ciphers should be included...
I would like to document the following ciphers as depcreated in 11, and
remove them for 12:
Skipjack: already removed by OpenBSD and recommend not for use by NIST
after 2010, key size is 80 bits
CAST: key size is 40 to 128 bits
As you can see, both of these ciphers weak and we should not encourage
their use. Their removal from OpenCrypto will practically only remove
them from their use w/ IPSec. Most other systems are userland and will
use OpenSSL which is different.
It would be possible for parties that need support to make them a
module, but right now, if you compile in crypto into your kernel, you
get all of these ciphers...
Comments?
Thanks.
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
06/09/2014 00:26 - John-Mark Gurney wrote:> As I've been working on OpenCrypto, I've noticed that we have some > ciphers that OpenBSD does not... As we haven't had a maintainer for > the code, no one has been evaluating which ciphers should be included... > > I would like to document the following ciphers as depcreated in 11, and > remove them for 12: > Skipjack: already removed by OpenBSD and recommend not for use by NIST > after 2010, key size is 80 bits > CAST: key size is 40 to 128 bits > > As you can see, both of these ciphers weak and we should not encourage > their use. Their removal from OpenCrypto will practically only remove > them from their use w/ IPSec. Most other systems are userland and will > use OpenSSL which is different. > > It would be possible for parties that need support to make them a > module, but right now, if you compile in crypto into your kernel, you > get all of these ciphers... > > Comments? > > Thanks. > > -- > John-Mark Gurney Voice: +1 415 225 5579 > > "All that I will do, has been done, All that I have, has not." > _______________________________________________ > freebsd-security at freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org" >Sounds reasonable.
On Sep 5, 2014, at 3:25 PM, John-Mark Gurney <jmg at funkthat.com> wrote:> Skipjack: already removed by OpenBSD and recommend not for use by NIST > after 2010, key size is 80 bitsYes, nuke.> CAST: key size is 40 to 128 bitsCAST 128 is not weak. Having said that, it is also not used much, and has minor (if any) value over AES-128. I can't tell from your message if you are leaving CAST >128 in; if so, you should leave CAST 128 in as well. If CAST 128 is the max in the module, you can either remove all of CAST or leave CAST 128 in, it doesn't matter. --Paul Hoffman