Announcement

Collapse
No announcement yet.

EXT4/Fscrypt Changes For Linux 4.18: Speck File-System Encryption Being Added

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • EXT4/Fscrypt Changes For Linux 4.18: Speck File-System Encryption Being Added

    Phoronix: EXT4/Fscrypt Changes For Linux 4.18: Speck File-System Encryption Being Added

    Theodore Ts'o at Google submitted the feature updates today for the EXT4 file-system and FSCRYPT file-system encryption framework updates for the Linux 4.18 kernel merge window...

    http://www.phoronix.com/scan.php?pag...ck-Crypto-4.18

  • #2
    Quoting Wikipedia ( https://en.wikipedia.org/wiki/Speck_(cipher))

    German, Japanese and Israeli delegates to the International Organization for Standardization have opposed efforts by the NSA to standardise the Simon and Speck ciphers, citing concerns that the NSA is pushing for their standardisation with knowledge of exploitable weaknesses in the ciphers, based on partial evidence of weaknesses in the ciphers, lack of clear need for standardisation of the new ciphers, and the NSA's previous involvement in the creation and promotion of the backdoored Dual_EC_DRBG cryptographic algorithm.[11]
    Sounds quite credible.

    Comment


    • #3
      this looks fishy AF, not like for example AES which is absolutely trustworthy

      Comment


      • #4
        Originally posted by davidbepo View Post
        this looks fishy AF, not like for example AES which is absolutely trustworthy
        For those wondering why this fine guy is (gasp!) doubting of a fine algorithm like AES... we introduce the concept of mathematical backdoors https://www.theregister.co.uk/2017/1...cal_backdoors/

        Comment


        • #5
          Originally posted by starshipeleven View Post
          For those wondering why this fine guy is (gasp!) doubting of a fine algorithm like AES... we introduce the concept of mathematical backdoors https://www.theregister.co.uk/2017/1...cal_backdoors/
          lolwut? im not doubting AES, im saying that it is absolutely trustworthy, its not possible that it is backdoored also that idea would imply nsa shooting itself in the foot, heck they didnt even design it, AES its rijndael which is an algorithm made by two Belgian cryptographers
          Last edited by davidbepo; 06-05-2018, 07:32 PM. Reason: more info added

          Comment


          • #6
            Originally posted by davidbepo View Post
            lolwut? im not doubting AES
            I am.

            that idea would imply nsa shooting itself in the foot
            FYI: with the whole Juniper firewall backdoor thing they did exactly that. a good 50% of these firewalls were bought by US government.

            Comment


            • #7
              Originally posted by starshipeleven View Post
              For those wondering why this fine guy is (gasp!) doubting of a fine algorithm like AES... we introduce the concept of mathematical backdoors https://www.theregister.co.uk/2017/1...cal_backdoors/
              If only there was a way to use OTP for file-system encryption... that'd be the ultimate FS encryption!

              Comment


              • #8
                Originally posted by Vistaus View Post
                If only there was a way to use OTP for file-system encryption... that'd be the ultimate FS encryption!
                If by OTP you mean one-time-password, then it's just a way of logging in, the underlying algorithm used is not related to that.

                Comment


                • #9
                  Originally posted by phoronix View Post
                  Ted Ts'o followed up with, "This is really intended for "The Next Billion Users"; phones like Android Go that was disclosed at the 2017 Google I/O conference, where the unsubsidized price is well under $100 USD (so cheaper than the original OLPC target)." Basically, super-cheap, super low-end smartphones using old ~ARMv7 SoCs lacking hardware encryption extensions and Speck is the most efficient algorithm they currently have for at least offering some level of file-system encryption.
                  I call bullshit. I'm currently running success fully ChaCha20-Poly1305 in the same class of IoT hardware (older ARMv6 Raspberry Pi).

                  Even wikipedia mentions

                  Speck is one of the fastest ciphers available, both for long as well as short messages and is comparable in speed to the stream cipher Salsa20
                  (For the record Chacha20 is the newer/better/faster version of Salsa20, also by Daniel J. Bernstein)

                  There's a reason why Google themselves have pushed for it to replace RC4 in the embed space.

                  Also, in Arduino crypto libraries (so even smaller IoT devices than the smartphone cited by Tso) Chacha is the recommendation.
                  Speck has the only advantage of half the code size (so useful for extreme constrained applications that don't leave you much free leftover space in the flash to cram your compression in) but that comes at the cost of ram and slower setup time.

                  Comment


                  • #10
                    Originally posted by starshipeleven View Post
                    If by OTP you mean one-time-password,
                    I thinks he's referring to one-time pad, the only type of encryption that is provably mathematically unbreakable.

                    (And is unbreakable in real-life too, as long as your have used an actual true-random source to generate, and manage to protect the pad itself as required, and indeed only use it once - unlike what was done in virtually all the historical situations of OTP being broken due to either capture of the pad or statistical analysis upon pad re-use).

                    It's absolutely completely unpractical for storage (it would mean having giant multi-terabytes spools of tape containing nothing but noise to be used to XOR against when encrypting, that you need to defend dearly with your life or destroy in case of risk of capture, and you can only use exactly once each chunk of tape noise)

                    Comment

                    Working...
                    X