International kernel patch v2.1.125.2

Alexander Kjeldaas (astor@guardian.no)
Mon, 12 Oct 1998 17:50:02 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Eric S. Raymond: "Re: "Geeks with Guns" at Atlanta Linux Showcase"
Previous message: Jonathan Corbet: "Quota lockups"

Hi, the next crypto patch for 2.1.125 is available. The idea is to
collect all crypto patches so that using crypto in the kernel will be
easier than today.

The patch is available from:

ftp://ftp.kerneli.org/pub/linux/kerneli/v2.1/patch-int-2.1.125.2.gz

Currently the patch includes the latest unofficial ENskip support and
crypto-modules for the loopback filesystems (twofish, blowfish,
cast-128, serpent, and a not-yet-ported idea). If anybody know of a
crypto-patch for the 2.1-series that I haven't included, please
contact me. The following has changed from the last patch:

1998-10-12 Alexander Kjeldaas <astor@guardian.no>

* drivers/block/loop_serpent.c: Made wrapper-module for the
serpent cipher.

* crypto/serpent.c crypto/serpent_f_box.h: Added serpent
implementation from Dr. B R Gladman <gladman@seven77.demon.co.uk>
AES reimplementation project.

* drivers/block/Config.in: Loopback crypto flagged experimental

I'd like to add some of the other AES candidates too - at least RSA's
RC6 and IBM's MARS ciphers. They are very fast and tuned for modern
CPUs by using multiply and data-dependent rotations.

Some info on serpent (from Configure.help):
Serpent is a 128-bit block cipher designed by Ross Anderson, Eli
Biham and Lars Knudsen as a candidate for the Advanced Encryption
Standard. Serpent provides users with the highest practical level
of assurance that no shortcut attack will be found. To achieve
this, the algorithm uses well understood mechanisms so that its
security relies on the wide experience of block cipher
cryptoanalysis. The algorithm uses twice as many rounds as are
necessary to block all currently known shortcut attacks. The
algorithm is designed to have a service life of 50 years and to
continue to protect legacy data for a further 50 years beyond that.

Despite these exacting design constraints, Serpent is faster than
DES. Its design supports a very efficient bitslice implementation,
and this implementation runs at almost 25 Mbit/sec on a
200MHz Pentium (compared with about 15 Mbit/sec for DES).

Serpent is completely in the public domain, and no restrictions are
imposed on its use.

More information about Serpent:
http://www.cl.cam.ac.uk/~rja14/serpent.html

More information about the implementation:
http://www.seven77.demon.co.uk/crypto_technology.htm

On the ftp-site, the directory /pub/linux/kernel is a normal
kernel-mirror while /pub/linux/kerneli is a kernel-mirror plus the
international kernel patch. You should find all utilities needed for
using crypto in the kernel in in /pub/linux/kerneli/net-source/.

Enjoy,

astor

-- Alexander Kjeldaas, Guardian Networks AS, Trondheim, Norway http://www.guardian.no/

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: Eric S. Raymond: "Re: "Geeks with Guns" at Atlanta Linux Showcase"
Previous message: Jonathan Corbet: "Quota lockups"