Re: [PATCH v2 1/4] Crypto: Crypto driver support aes/des/des3 for rk3288

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Nov 5, 2015 at 8:17 PM, Zain Wang <zain.wang@xxxxxxxxxxxxxx> wrote:
> The names registered are:
>     ecb(aes) cbc(aes) ecb(des) cbc(des) ecb(des3_ede) cbc(des3_ede)
> You can alloc tags above in your case.

Why on Earth are you allowing DES? Here's a reference from around the
turn of the century on why the FreeS/WAN project refused to implement
it then:
http://www.freeswan.org/freeswan_trees/freeswan-1.97/doc/politics.html#desnotsecure

In 1998 a $200,000-odd purpose-built machine using FPGAs could break
DES in a few days. Morre's Law applies; my guess would be that today
you could break it in hours for well under $10,000 using either GPUs
or Intel's Xeon Phi.

Even if you have to implement DES because you need it as a component
for 3DES and some standards still require 3DES, single DES should not
be exposed in the user interface.
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux