From: "Stephan Müller" <smueller@chronox.de>
To: Marcel Holtmann <marcel@holtmann.org>
Cc: Mat Martineau <mathew.j.martineau@linux.intel.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
Linux Crypto Mailing List <linux-crypto@vger.kernel.org>,
dhowells@redhat.com
Subject: Re: [PATCH v8 0/4] crypto: add algif_akcipher user space API
Date: Fri, 11 Aug 2017 08:30:23 +0200 [thread overview]
Message-ID: <4460438.43jVvca0Xd@positron.chronox.de> (raw)
In-Reply-To: <EDD4B1A0-DA39-4A72-B445-F21D1C364228@holtmann.org>
Am Freitag, 11. August 2017, 07:13:30 CEST schrieb Marcel Holtmann:
Hi Marcel,
> >
> > The last round of reviews for AF_ALG akcipher left off at an impasse
> > around a year ago: the consensus was that hardware key support was
> > needed, but that requirement was in conflict with the "always have a
> > software fallback" rule for the crypto subsystem. For example, a private
> > key securely generated by and stored in a TPM could not be copied out for
> > use by a software algorithm. Has anything come about to resolve this
> > impasse?
> >
> > There were some patches around to add keyring support by associating a key
> > ID with an akcipher socket, but that approach ran in to a mismatch
> > between the proposed keyring API for the verify operation and the
> > semantics of AF_ALG verify.
> >
> > AF_ALG is best suited for crypto use cases where a socket is set up once
> > and there are lots of reads and writes to justify the setup cost. With
> > asymmetric crypto, the setup cost is high when you might only use the
> > socket for a brief time to do one verify or encrypt operation.
> >
> > Given the efficiency and hardware key issues, AF_ALG seems to be
> > mismatched with asymmetric crypto. Have you looked at the proposed
> > keyctl() support for crypto operations?
> we have also seen hardware now where the private key will never leave the
> crypto hardware. They public and private key is only generated for key
> exchange purposes and later on discarded again. Asymmetric ciphers are
> really not a good fit for AF_ALG and they should be solely supported via
> keyctl.
Thanks for the reminder. I have looked at that but I am unsure about whether
this one covers asym crypto appropriately, too.
The issue is that some hardware may only offer accelerators without a full
blown RSA siggen/ver logic (that pulls in PKCS or OAEP or others). How do you
propose to cover raw primitives with keyctl?
Ciao
Stephan
next prev parent reply other threads:[~2017-08-11 6:30 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-10 6:39 [PATCH v8 0/4] crypto: add algif_akcipher user space API Stephan Müller
2017-08-10 6:39 ` [PATCH v8 1/4] crypto: AF_ALG -- add sign/verify API Stephan Müller
2017-08-10 12:49 ` Tudor Ambarus
2017-08-10 13:03 ` Stephan Mueller
2017-08-10 13:59 ` Tudor Ambarus
2017-08-10 14:06 ` Stephan Müller
2017-08-10 6:39 ` [PATCH v8 2/4] crypto: AF_ALG -- add setpubkey setsockopt call Stephan Müller
2017-08-10 6:40 ` [PATCH v8 3/4] crypto: AF_ALG -- add asymmetric cipher Stephan Müller
2017-08-11 12:51 ` Tudor Ambarus
2017-08-19 13:53 ` Stephan Müller
2017-08-21 8:55 ` Tudor Ambarus
2017-08-21 9:23 ` Tudor Ambarus
2017-08-21 9:39 ` Stephan Mueller
2017-08-10 6:40 ` [PATCH v8 4/4] crypto: algif_akcipher - enable compilation Stephan Müller
2017-08-11 12:56 ` Tudor Ambarus
2017-08-11 13:03 ` Stephan Mueller
2017-08-11 0:48 ` [PATCH v8 0/4] crypto: add algif_akcipher user space API Mat Martineau
2017-08-11 5:13 ` Marcel Holtmann
2017-08-11 6:30 ` Stephan Müller [this message]
2017-08-11 16:02 ` Marcel Holtmann
2017-08-14 6:24 ` Stephan Mueller
2017-08-14 6:42 ` Marcel Holtmann
2017-08-11 7:18 ` Stephan Mueller
2017-08-11 16:05 ` Marcel Holtmann
2017-08-13 8:52 ` Gilad Ben-Yossef
2017-08-14 6:01 ` Stephan Mueller
2017-08-17 13:17 ` Tudor Ambarus
2017-08-30 6:15 ` Tudor Ambarus
2017-08-30 7:21 ` Marcel Holtmann
2017-08-30 8:17 ` Tudor Ambarus
2017-08-30 12:36 ` Marcel Holtmann
2017-08-11 10:18 ` Andrew Zaborowski
2017-08-11 19:43 ` Mat Martineau
2017-08-14 6:03 ` Stephan Mueller
2017-08-14 6:26 ` Marcel Holtmann
2017-08-14 7:23 ` Stephan Mueller
2017-08-14 9:26 ` Marcel Holtmann
2017-10-02 14:15 ` Tudor Ambarus
2017-10-03 0:09 ` Mat Martineau
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4460438.43jVvca0Xd@positron.chronox.de \
--to=smueller@chronox.de \
--cc=dhowells@redhat.com \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=marcel@holtmann.org \
--cc=mathew.j.martineau@linux.intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox