[dm-devel] [PATCH 5/5] crypto: remove Salsa20 stream cipher algorithm
Ard Biesheuvel
ardb at kernel.org
Thu Jan 21 18:09:36 UTC 2021
On Thu, 21 Jan 2021 at 19:05, Eric Biggers <ebiggers at kernel.org> wrote:
>
> On Thu, Jan 21, 2021 at 02:07:33PM +0100, Ard Biesheuvel wrote:
> > Salsa20 is not used anywhere in the kernel, is not suitable for disk
> > encryption, and widely considered to have been superseded by ChaCha20.
> > So let's remove it.
> >
> > Signed-off-by: Ard Biesheuvel <ardb at kernel.org>
> > ---
> > Documentation/admin-guide/device-mapper/dm-integrity.rst | 4 +-
> > crypto/Kconfig | 12 -
> > crypto/Makefile | 1 -
> > crypto/salsa20_generic.c | 212 ----
> > crypto/tcrypt.c | 11 +-
> > crypto/testmgr.c | 6 -
> > crypto/testmgr.h | 1162 --------------------
> > 7 files changed, 3 insertions(+), 1405 deletions(-)
> >
> > diff --git a/Documentation/admin-guide/device-mapper/dm-integrity.rst b/Documentation/admin-guide/device-mapper/dm-integrity.rst
> > index 4e6f504474ac..d56112e2e354 100644
> > --- a/Documentation/admin-guide/device-mapper/dm-integrity.rst
> > +++ b/Documentation/admin-guide/device-mapper/dm-integrity.rst
> > @@ -143,8 +143,8 @@ recalculate
> > journal_crypt:algorithm(:key) (the key is optional)
> > Encrypt the journal using given algorithm to make sure that the
> > attacker can't read the journal. You can use a block cipher here
> > - (such as "cbc(aes)") or a stream cipher (for example "chacha20",
> > - "salsa20" or "ctr(aes)").
> > + (such as "cbc(aes)") or a stream cipher (for example "chacha20"
> > + or "ctr(aes)").
>
> You should check with the dm-integrity maintainers how likely it is that people
> are using salsa20 with dm-integrity. It's possible that people are using it,
> especially since the documentation says that dm-integrity can use a stream
> cipher and specifically gives salsa20 as an example.
>
Good point - cc'ed them now.
More information about the dm-devel
mailing list