| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 2 Jun 2023 14:39:46 -0700
From: Eric Biggers <ebiggers@...nel.org>
To: Dongsoo Lee <letrhee@....re.kr>
Cc: 'Herbert Xu' <herbert@...dor.apana.org.au>,
linux-crypto@...r.kernel.org, davem@...emloft.net,
linux-kernel@...r.kernel.org, letrhee@...il.com
Subject: Re: [PATCH v2 0/2] crypto: LEA block cipher implementation
On Fri, Jun 02, 2023 at 03:05:16PM +0900, Dongsoo Lee wrote:
> Additionally, we are exploring the possibility of using `blk-crypto` for
> encryption. Currently, the ciphers available for `blk-crypto` are
> AES-256-XTS, AES-128-CBC-ESSIV, Adiantum, and SM4-XTS. We would like to add
> LEA-256-XTS to these.
>
> ( https://github.com/torvalds/linux/blob/master/block/blk-crypto.c#L21 )
>
> Instead of disk encryption, it is also possible to use `fscrypt` to encrypt
> the file system for data-at-rest environments. `fscrypt` currently supports
> AES-256-XTS, AES-256-CTS-CBC, AES-128-CBC-ESSIV, AES-128-CTS-CBC, SM4-XTS,
> SM4-CTS-CBC, Adiantum, and AES-256-HCTR2.
>
> ( https://github.com/torvalds/linux/blob/master/fs/crypto/keysetup.c#L16 )
>
Currently the only user of blk-crypto is fscrypt. So the above two paragraphs
are really talking about the same thing.
I haven't seen any patch that proposes adding LEA support to fscrypt. Also, I'm
not sure that the information you've provided so far is sufficient motivation
for adding it to fscrypt. I did recently allow another national pride cipher,
SM4, to be added to fscrypt, but that was only because a user said they were
being *required* to use SM4. It's not clear that's the case for LEA.
- Eric
Powered by blists - more mailing lists