search for: aead

Displaying 20 results from an estimated 88 matches for "aead".

2023 Mar 26
1
[Bug 3553] New: PROTOCOL.key format specification is incorrect for encryption using AEAD transports
https://bugzilla.mindrot.org/show_bug.cgi?id=3553 Bug ID: 3553 Summary: PROTOCOL.key format specification is incorrect for encryption using AEAD transports Product: Portable OpenSSH Version: 9.3p1 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: Documentation Assignee: unassigned-bugs at mindrot.org Reporter...
2018 Dec 19
1
How to configure Dovecot to disable NIST's curves and still rertain EECDH?
...etain forward secrecy through the use of EDH, but this doesn't leave much in the way of allowable algorithms on my server: $ openssl ciphers -V 'HIGH:!DSS:!EECDH:!ECDH:!SHA1:!aNULL:!eNULL:@STRENGTH' 0x00,0x9F - DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD 0x00,0x6B - DHE-RSA-AES256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(256) Mac=SHA256 0x00,0x9D - AES256-GCM-SHA384 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(256) Mac=AEAD 0x00,0x3D - AES256-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA256 0x00,0x9E - DHE-RSA-AES1...
2018 Jan 10
1
[PATCH 1/6] Documentation: crypto: document crypto engine API
...tin, Thank you for this new version which I have testes successfully with the stm32 hash & cryp drivers. As a general comment on this patchset, I would say that it does not cover all async requests: typically I need (for the pending stm32 cryp driver uprade) to use CryptoEngine to process AEAD requests which is not covered here. Could you please consider adding the 'transfer' and 'finalize' EXPORTed functions for aead requests? (the implementation is quite trivial) Have also a look at struct acomp_req (acompress.h) and struct kpp_request (kpp.h) which also use "...
2013 Dec 31
2
Cipher preference
When testing chacha20-poly1305, I noticed that aes-gcm is significantly faster than aes-ctr or aes-cbs with umac. Even on systems w/o aes-ni or other recent instruction set additions. And there seems to be consensus in the crypto community that AEAD ciphers are the way forward. As such, it promoting the AEAD ciphers to the head of the preference list looks like a good idea. That would mean either: #define KEX_DEFAULT_ENCRYPT \ AESGCM_CIPHER_MODES \ "chacha20-poly1305 at openssh.com," \ "aes128-ctr,aes1...
2015 Jan 26
3
Apache and SSLv3
Hi list, I'm configuring apache with https and I've a question about sslv3 deactivation. Running "openssl ciphers -v" I get a list of cypher suite of openssl like: ECDH-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AESGCM(128) Mac=AEAD ......... Each lines report relative protocol. Disabling sslv3 with "SSLProtocol all -SSLv3" I can use cypher like: ECDH-RSA-DES-CBC3-SHA SSLv3 Kx=ECDH/RSA Au=ECDH Enc=3DES(168) Mac=SHA1 that has protocol SSLv3? Disabling SSLv3 protocol, apache will use only TLSv1.2 cypher proto...
2019 Apr 15
2
cutting corners (4.10.2 on el7.6)
...uired an updated cmake) but... building without testsuite and without clustering (ctdb) allows samba-4.10.2 to compile with this old python (2.7.5) and gnutls (3.3.29) During the configure/rpmbuild phase, I noticed those messages: ------------------------------------------ No gnutls support for AEAD encryption Building without DMAPI support: no suitable DMAPI library found WARNING: ans1Parser hasn't been found! Please install it (e.g. libtasn1-bin) ------------------------------------------ I wonder if these might be 'impactful'.. Would someone enlighten me on what purpose those...
2018 Feb 15
0
[PATCH v2 0/6] crypto: engine - Permit to enqueue all async requests
On Fri, Jan 26, 2018 at 08:15:28PM +0100, Corentin Labbe wrote: > Hello > > The current crypto_engine support only ahash and ablkcipher request. > My first patch which try to add skcipher was Nacked, it will add too many functions > and adding other algs(aead, asymetric_key) will make the situation worst. > > This patchset remove all algs specific stuff and now only process generic crypto_async_request. > > The requests handler function pointer are now moved out of struct engine and > are now stored directly in a crypto_engine_reqctx. &...
2017 Dec 06
0
[PATCH RFC 0/4] crypto: engine - Permit to enqueue all async requests
Hi Corentin, I am fine with this proposal: it is generic enough and I have been able to test and run the crypto engine with aead_request without changing any single line of code. This is what I need to be able to send the AEAD extension of the stm32-cryp driver (successfully tested with your engine upgrade proposal). I have also tested the stm32-hash patch. Note that stm32-cryp (new driver applied by Herbert recently...
2018 Feb 16
1
[PATCH v2 0/6] crypto: engine - Permit to enqueue all async requests
...gt; On Fri, Jan 26, 2018 at 08:15:28PM +0100, Corentin Labbe wrote: > > Hello > > > > The current crypto_engine support only ahash and ablkcipher request. > > My first patch which try to add skcipher was Nacked, it will add too many functions > > and adding other algs(aead, asymetric_key) will make the situation worst. > > > > This patchset remove all algs specific stuff and now only process generic crypto_async_request. > > > > The requests handler function pointer are now moved out of struct engine and > > are now stored directly in...
2014 Feb 24
3
nut in openwrt
Thanks again. This is the lsmod output: # lsmod aead 4256 0 arc4 1312 2 b43 324014 0 bcma 28621 1 b43, button_hotplug 2800 0 cfg80211 172273 2 b43,mac80211, cifs 190077 0 compat 651 3 b43,mac80211,cfg80211, crc16...
2020 Jun 16
0
[PATCH v5 2/2] mm, treewide: Rename kzfree() to kfree_sensitive()
...pto/cavium/cpt/cptvf_main.c | 6 ++-- drivers/crypto/cavium/cpt/cptvf_reqmanager.c | 12 +++---- drivers/crypto/cavium/nitrox/nitrox_lib.c | 4 +-- drivers/crypto/cavium/zip/zip_crypto.c | 6 ++-- drivers/crypto/ccp/ccp-crypto-rsa.c | 6 ++-- drivers/crypto/ccree/cc_aead.c | 4 +-- drivers/crypto/ccree/cc_buffer_mgr.c | 4 +-- drivers/crypto/ccree/cc_cipher.c | 6 ++-- drivers/crypto/ccree/cc_hash.c | 8 ++--- drivers/crypto/ccree/cc_request_mgr.c | 2 +- drivers/crypto/marvell/cesa/hash.c...
2020 Apr 13
0
[PATCH 1/2] mm, treewide: Rename kzfree() to kfree_sensitive()
...pto/cavium/cpt/cptvf_main.c | 6 ++-- drivers/crypto/cavium/cpt/cptvf_reqmanager.c | 12 +++---- drivers/crypto/cavium/nitrox/nitrox_lib.c | 4 +-- drivers/crypto/cavium/zip/zip_crypto.c | 6 ++-- drivers/crypto/ccp/ccp-crypto-rsa.c | 6 ++-- drivers/crypto/ccree/cc_aead.c | 4 +-- drivers/crypto/ccree/cc_buffer_mgr.c | 4 +-- drivers/crypto/ccree/cc_cipher.c | 6 ++-- drivers/crypto/ccree/cc_hash.c | 8 ++--- drivers/crypto/ccree/cc_request_mgr.c | 2 +- drivers/crypto/marvell/cesa/hash.c...
2020 Jun 16
0
[PATCH v4 2/3] mm, treewide: Rename kzfree() to kfree_sensitive()
...pto/cavium/cpt/cptvf_main.c | 6 ++-- drivers/crypto/cavium/cpt/cptvf_reqmanager.c | 12 +++---- drivers/crypto/cavium/nitrox/nitrox_lib.c | 4 +-- drivers/crypto/cavium/zip/zip_crypto.c | 6 ++-- drivers/crypto/ccp/ccp-crypto-rsa.c | 6 ++-- drivers/crypto/ccree/cc_aead.c | 4 +-- drivers/crypto/ccree/cc_buffer_mgr.c | 4 +-- drivers/crypto/ccree/cc_cipher.c | 6 ++-- drivers/crypto/ccree/cc_hash.c | 8 ++--- drivers/crypto/ccree/cc_request_mgr.c | 2 +- drivers/crypto/marvell/cesa/hash.c...
2020 Jun 16
3
[PATCH v5 0/2] mm, treewide: Rename kzfree() to kfree_sensitive()
...pto/cavium/cpt/cptvf_main.c | 6 ++-- drivers/crypto/cavium/cpt/cptvf_reqmanager.c | 12 +++---- drivers/crypto/cavium/nitrox/nitrox_lib.c | 4 +-- drivers/crypto/cavium/zip/zip_crypto.c | 6 ++-- drivers/crypto/ccp/ccp-crypto-rsa.c | 6 ++-- drivers/crypto/ccree/cc_aead.c | 4 +-- drivers/crypto/ccree/cc_buffer_mgr.c | 4 +-- drivers/crypto/ccree/cc_cipher.c | 6 ++-- drivers/crypto/ccree/cc_hash.c | 8 ++--- drivers/crypto/ccree/cc_request_mgr.c | 2 +- drivers/crypto/marvell/cesa/hash.c...
2018 May 25
5
Strange crypto choices
...with NIST curves over Ed25519? Also why are smaller key, curve and hash sizes preferred over bigger ones? The default ciphers are: chacha20-poly1305 at openssh.com, aes128-ctr,aes192-ctr,aes256-ctr, aes128-gcm at openssh.com,aes256-gcm at openssh.com Why is CTR mode preferred over GCM? Usually, AEAD ciphers are preferred over non-AEAD ones. The default MACs are: umac-64-etm at openssh.com,umac-128-etm at openssh.com, hmac-sha2-256-etm at openssh.com,hmac-sha2-512-etm at openssh.com, hmac-sha1-etm at openssh.com, umac-64 at openssh.com,umac-128 at openssh.com, hmac-sha2-256,hmac-sha2-512,hmac...
2018 Jan 26
10
[PATCH v2 0/6] crypto: engine - Permit to enqueue all async requests
Hello The current crypto_engine support only ahash and ablkcipher request. My first patch which try to add skcipher was Nacked, it will add too many functions and adding other algs(aead, asymetric_key) will make the situation worst. This patchset remove all algs specific stuff and now only process generic crypto_async_request. The requests handler function pointer are now moved out of struct engine and are now stored directly in a crypto_engine_reqctx. The original proposal of...
2018 Jan 26
10
[PATCH v2 0/6] crypto: engine - Permit to enqueue all async requests
Hello The current crypto_engine support only ahash and ablkcipher request. My first patch which try to add skcipher was Nacked, it will add too many functions and adding other algs(aead, asymetric_key) will make the situation worst. This patchset remove all algs specific stuff and now only process generic crypto_async_request. The requests handler function pointer are now moved out of struct engine and are now stored directly in a crypto_engine_reqctx. The original proposal of...
2020 Jun 16
14
[PATCH v4 0/3] mm, treewide: Rename kzfree() to kfree_sensitive()
...pto/cavium/cpt/cptvf_main.c | 6 ++-- drivers/crypto/cavium/cpt/cptvf_reqmanager.c | 12 +++---- drivers/crypto/cavium/nitrox/nitrox_lib.c | 4 +-- drivers/crypto/cavium/zip/zip_crypto.c | 6 ++-- drivers/crypto/ccp/ccp-crypto-rsa.c | 6 ++-- drivers/crypto/ccree/cc_aead.c | 4 +-- drivers/crypto/ccree/cc_buffer_mgr.c | 4 +-- drivers/crypto/ccree/cc_cipher.c | 6 ++-- drivers/crypto/ccree/cc_hash.c | 8 ++--- drivers/crypto/ccree/cc_request_mgr.c | 2 +- drivers/crypto/marvell/cesa/hash.c...
2020 Jun 16
14
[PATCH v4 0/3] mm, treewide: Rename kzfree() to kfree_sensitive()
...pto/cavium/cpt/cptvf_main.c | 6 ++-- drivers/crypto/cavium/cpt/cptvf_reqmanager.c | 12 +++---- drivers/crypto/cavium/nitrox/nitrox_lib.c | 4 +-- drivers/crypto/cavium/zip/zip_crypto.c | 6 ++-- drivers/crypto/ccp/ccp-crypto-rsa.c | 6 ++-- drivers/crypto/ccree/cc_aead.c | 4 +-- drivers/crypto/ccree/cc_buffer_mgr.c | 4 +-- drivers/crypto/ccree/cc_cipher.c | 6 ++-- drivers/crypto/ccree/cc_hash.c | 8 ++--- drivers/crypto/ccree/cc_request_mgr.c | 2 +- drivers/crypto/marvell/cesa/hash.c...
2014 Feb 24
0
nut in openwrt
...ther it is not loaded, or the usb serial and/or hid drivers are not loaded, which appear to have been used on your Debian box. - Tim On February 24, 2014 1:12:36 AM CST, Josu Lazkano <josu.lazkano at gmail.com> wrote: >Thanks again. > >This is the lsmod output: > ># lsmod >aead 4256 0 >arc4 1312 2 >b43 324014 0 >bcma 28621 1 b43, >button_hotplug 2800 0 >cfg80211 172273 2 b43,mac80211, >cifs 190077 0 >compat 651 3 b...