Re: [PATCH 12/38] crypto: drbg - Remove support for CTR_DRBG
From: Stephan Mueller
Date: Mon Apr 20 2026 - 11:45:34 EST
On Monday, 20 April 2026, 08:33:56 Central European Summer Time, Eric
Biggers wrote:
Hi Eric,
> Remove the support for CTR_DRBG. It's likely unused code, seeing as
> HMAC_DRBG is always enabled and prioritized over it unless
> NETLINK_CRYPTO is used to change the algorithm priorities.
Just as an FYI: the CTR DRBG implementation is used, because it provides
massively superior performance. The CTR DRBG implementation is lined up to use
the AES-CTR mode directly. If you have an accelerated implementation like
AES-NI or ARM-CE, your performance increase is significant.
For example, on my M4 development system, the generation of 1GB of data from
the CTR DRBG takes 90ms whereas the HMAC DRBG takes more than 4 seconds.
The default of HMAC DRBG, however, was used since it has a simple logic and
smaller code.
Ciao
Stephan