<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">On 11/13/2015 5:10 PM, Emilia Käsper
wrote:<br>
</div>
<blockquote
cite="mid:CAGZjfUYJLnD7Qo28r_iQgnUYAsZay_Ftp8KEG=7MPY5pY+248A@mail.gmail.com"
type="cite">
<div dir="ltr">
<div style="color:rgb(33,33,33);font-family:'Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:13px;line-height:19.5px">
<div>Hi all,</div>
<div><br>
</div>
<div>We are considering removing from OpenSSL 1.1 known broken
or outdated cryptographic primitives. As you may know the
forks have already done this but I'd like to seek careful
feedback for OpenSSL first to ensure we won't be breaking
any major applications.<br>
</div>
<div><br>
</div>
<div>These algorithms are currently candidates for removal:</div>
<div><br>
</div>
<div>CAST</div>
<div>IDEA</div>
</div>
<div style="color:rgb(33,33,33);font-family:'Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:13px;line-height:19.5px">MDC2</div>
<div style="color:rgb(33,33,33);font-family:'Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:13px;line-height:19.5px">MD2
[ already disabled by default ]</div>
<div style="color:rgb(33,33,33);font-family:'Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:13px;line-height:19.5px">RC5
[ already disabled by default ]</div>
<div style="color:rgb(33,33,33);font-family:'Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:13px;line-height:19.5px">RIPEMD</div>
<div style="color:rgb(33,33,33);font-family:'Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:13px;line-height:19.5px">SEED</div>
<div style="color:rgb(33,33,33);font-family:'Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:13px;line-height:19.5px">WHIRLPOOL</div>
<div style="color:rgb(33,33,33);font-family:'Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:13px;line-height:19.5px">ALL
BINARY ELLIPTIC CURVES</div>
<div style="color:rgb(33,33,33);font-family:'Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:13px;line-height:19.5px"><br>
</div>
<div style="color:rgb(33,33,33);font-family:'Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:13px;line-height:19.5px">My
preference would be to remove these algorithms completely (as
in, delete the code). Disabled-by-default code will either be
re-enabled by distros (if there's widespread need for it - in
which case we might as well leave it in) or will be poorly
tested and is likely to just silently rot and break. This code
is bloat and maintentance burden for us - my hope is that much
of this code is effectively dead and can be removed.</div>
<div style="color:rgb(33,33,33);font-family:'Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:13px;line-height:19.5px"><br>
</div>
<div style="color:rgb(33,33,33);font-family:'Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:13px;line-height:19.5px"><b>Are
you aware of any mainstream need to continue supporting
these algorithms in OpenSSL 1.1?</b> Note that an older
OpenSSL library or binary, or a standalone implementation or
another crypto toolkit can always be used to continue
supporting a legacy standalone application, or to decrypt
ciphertext from the distant past. I am looking for use cases
that could cause e.g. interop breakage between new and old
peers, or major pain to distro end-users.</div>
<div style="color:rgb(33,33,33);font-family:'Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:13px;line-height:19.5px"><br>
</div>
<div style="color:rgb(33,33,33);font-family:'Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:13px;line-height:19.5px">These
algorithms are obsolete but removing them doesn't look
feasible:</div>
<div style="color:rgb(33,33,33);font-family:'Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:13px;line-height:19.5px"><br>
</div>
<div style="color:rgb(33,33,33);font-family:'Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:13px;line-height:19.5px">BLOWFISH
- probably still in use though I don't know where exactly?</div>
<div style="color:rgb(33,33,33);font-family:'Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:13px;line-height:19.5px">
<div>MD4 - used in NTLM</div>
<div>RC2 - used in PKCS#12</div>
<div><br>
</div>
<div><b>Did I miss anything from the list?</b></div>
<div><br>
</div>
<div>Cheers,</div>
<div>Emilia</div>
<div><br>
</div>
</div>
<div><br>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
openssl-users mailing list
To unsubscribe: <a class="moz-txt-link-freetext" href="https://mta.openssl.org/mailman/listinfo/openssl-users">https://mta.openssl.org/mailman/listinfo/openssl-users</a>
</pre>
</blockquote>
<font size="+1"><font face="Courier New"><br>
Regarding that <font size="+1">h<font size="+1">ardware accele<font
size="+1">ration<font size="+1"> and aes<font size="+1">-ni
is no<font size="+1">t ye<font size="+1">t common
among <br>
today desktops</font></font></font></font></font></font></font>
an<font size="+1">d mobile devices, rc5 is a very <font
size="+1">good <font size="+1">choi<font size="+1"><font
size="+1">c</font>e in</font></font></font></font>
situations<br>
<font size="+1">where you <font size="+1">need</font> <font
size="+1">a reasonably secure a<font size="+1">nd yet fast</font>
c<font size="+1">i<font size="+1">pher<font size="+1"><font
size="+1"> (</font>as 'openssl <font size="+1">s<font
size="+1">peed'</font></font> shows, <br>
rc5 <font size="+1">is 2.5 time<font size="+1">s
faster<font size="+1"> than aes-128 w/o aes-n<font
size="+1">i. We <font size="+1">develop<font
size="+1"> a tunneling</font></font> <font
size="+1">app<font size="+1"> that use<font
size="+1">s <br>
rc5 for LAN to gateway <font size="+1">encryption).</font>
<br>
<br>
<font size="+1">So, <font size="+1">pls.
<font size="+1">do <font size="+1">no
remove</font></font> <font
size="+1">rc<font size="+1">5.</font></font></font></font><br>
</font></font></font></font></font></font></font></font></font></font></font></font><br>
</font></font><br>
<pre class="moz-signature" cols="200">--
Best regards
Hooman Fazaeli</pre>
</body>
</html>