Announcement

Collapse
No announcement yet.

Linux Kernel Patches Posted For Streebog - Crypto From Russia's FSB

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Linux Kernel Patches Posted For Streebog - Crypto From Russia's FSB

    Phoronix: Linux Kernel Patches Posted For Streebog - Crypto From Russia's FSB

    Just months after the controversial Speck crypto code was added to the Linux kernel that raised various concerns due to its development by the NSA and potential backdoors, which was then removed from the kernel tree, there is now Russia's Streebog that could be mainlined...

    http://www.phoronix.com/scan.php?pag...Crypto-Patches

  • #2
    Streebog is a Russian national standard and a replacement to their GOST hash function.
    Just to clarify the terms here: GOST (ГОСТ) is a set of technical standards (like ANSI) used in Russia and several other CIS countries. Previous "GOST-standard hash function" didn't have a specific nickname and was just called "GOST R 34.11-94/95" (confusing). This new function replaced it, this time getting a nickname Streebog, but it is also certified under GOST standard.

    Comment


    • #3
      you had me at "designed by the FSB", thanks but no thanks, keep the kernel clean of likely governmental backdoor'ed crypto, they can maintain their own fluff out of tree for themselves, ..!

      Comment


      • #4
        Originally posted by rene View Post
        you had me at "designed by the FSB", thanks but no thanks, keep the kernel clean of likely governmental backdoor'ed crypto, they can maintain their own fluff out of tree for themselves, ..!
        Decisions must be made based on quality and usefulness, not on where it's coming from.

        Comment


        • #5
          Originally posted by cl333r View Post

          Decisions must be made based on quality and usefulness, not on where it's coming from.
          This was not meant towards our neighbours and Russian friends. If it comes form any secret service, no matter if NSA, FSB, MI6 or whatever chances that it is numerically backdoored are >90, if not 99%. Why would anyone with a sane mind want to use that? Crypto stuff needs to be developed in the open, by independent mathematicians and researchers.

          Comment


          • #6
            This either means that Streebog is suspicious, or competing functions are suspicious, or competing functions are just suspicious to the people who didn't propose them. It seems... weird to me that different places would have different cryptographic hash functions though, just hard to tell which suite of functions it casts doubt on: the new one or the existing one?

            Comment


            • #7
              Originally posted by rene View Post

              This was not meant towards our neighbours and Russian friends. If it comes form any secret service, no matter if NSA, FSB, MI6 or whatever chances that it is numerically backdoored are >90, if not 99%. Why would anyone with a sane mind want to use that? Crypto stuff needs to be developed in the open, by independent mathematicians and researchers.
              I get a warmer fuzzy feeling if I can stack a couple of security algorithms that have been chosen as a standard on different continents. :-)

              Comment


              • #8
                Originally posted by rene View Post
                This was not meant towards our neighbours and Russian friends. If it comes form any secret service, no matter if NSA, FSB, MI6 or whatever chances that it is numerically backdoored are >90, if not 99%. Why would anyone with a sane mind want to use that? Crypto stuff needs to be developed in the open, by independent mathematicians and researchers.
                You need to be more paranoid. What if those "independent mathematicians and researchers" are in fact either sponsored by the NSA or have a gun to their head? You'll never be safe.

                Comment


                • #9
                  Originally posted by microcode View Post
                  This either means that Streebog is suspicious, or competing functions are suspicious, or competing functions are just suspicious to the people who didn't propose them.
                  The code is Open to the community for more than a decade now, instead of spread FUD, look into the code..

                  Originally posted by microcode View Post
                  It seems... weird to me that different places would have different cryptographic hash functions though, just hard to tell which suite of functions it casts doubt on: the new one or the existing one?
                  ​​​​​​​Don't push your head in the sand..
                  If you were a little bit more informed about the world around you...you will notice than each one as its tools, its language, its culture..
                  And Linux is used around the world..
                  Last edited by tuxd3v; 10-10-2018, 05:38 PM.

                  Comment


                  • #10
                    I'm not a fan of any secret back doors but if we explicitly deny code from government agencies then they will find a way to hide where it is coming from. At least in this case the origin is clear.

                    Comment

                    Working...
                    X