Re: PBKDF2 support in the linux kernel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Saturday, May 26, 2018 7:12:36 AM CEST Herbert Xu wrote:
> On Tue, May 22, 2018 at 11:00:40AM +0800, Yu Chen wrote:
> > Hi all,
> > The request is that, we'd like to generate a symmetric key derived from
> > user provided passphase(not rely on any third-party library). May I know if
> > there is a PBKDF2(Password-Based Key Derivation Function 2) support in the
> > kernel? (https://tools.ietf.org/html/rfc2898#5.2)
> > We have hmac sha1 in the kernel, do we have plan to port/implement
> > corresponding PBKDF2 in the kernel too?
> 
> The rule for adding crypto code to the kernel is simple, there
> must be an in-kernel user of the algorithm.

So we are talking about an in-kernel user here.

Again, the PBKDF2 user would be hibernation.  It could either take a key from
user space, which would require a key-generating user-space component to be
present in the initramfs (I guess no issue for a regular distro, but I can
imagine cases when it may be a difficulty), or take a passphrase from user
space and generate a key by itself (that's what we would like to use PBKDF2
for).

We would prefer the latter for various reasons (convenience mostly, but also
not having to rely on user space to do the right thing).

Thanks,
Rafael




[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux