Re: [PATCH 0/3] crypto: Remove arch-optimized des and des3_ede code

Next message: Pawan Gupta: "Re: [PATCH v8 02/10] x86/bhi: Make clear_bhb_loop() effective on newer CPUs"
Previous message: Anushka Badhe: "[PATCH v5] staging: media: atomisp: pci Move GP_TIMER_BASE to where it is used"
In reply to: John Paul Adrian Glaubitz: "Re: [PATCH 0/3] crypto: Remove arch-optimized des and des3_ede code"
Next in thread: Eric Biggers: "Re: [PATCH 0/3] crypto: Remove arch-optimized des and des3_ede code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Eric Biggers

Date: Thu Mar 26 2026 - 16:29:25 EST

On Thu, Mar 26, 2026 at 09:20:51PM +0100, John Paul Adrian Glaubitz wrote:
> On Thu, 2026-03-26 at 13:12 -0700, Eric Biggers wrote:
> > DES and 3DES are cryptographically obsolete and insecure by modern
> > standards. Continuing to maintain highly specific, complex assembly and
> > glue code for them, especially when the code isn't testable in QEMU
> > (s390 and sparc), is unnecessary and risky.
>
> We're working on getting crypto instructions added to QEMU though.
>
> Adrian

In general that's good of course, but DES and 3DES? Really? Why is
effort going into these obsolete algorithms at all?

- Eric