[Pkg-openssl-devel] Bug#327739: Bug#327739: Patch to enable IDEA support

[brian m. carlson]

On Fri, Nov 01, 2013 at 10:37:04PM +0100, Kurt Roeckx wrote:
> On Fri, Nov 01, 2013 at 09:22:56PM +0000, brian m. carlson wrote:
> > tags 327739 + patch
> > kthxbye
> > 
> > I've attached a patch to add IDEA support.  The algorithm is not
> > insecure (unlike MD5 and RC4, which are still compiled in), and somebody
> > might want to use it.
> 
> I don't intent to apply this patch.  There are things like AES and
> Camellia that can be used instead.  The only good reason I can see
> for enabling things is being able to read / talk to old things
> that do support it.

While it's certainly not a common algorithm, nor my first choice, it is
presently considered secure, and OpenSSL is used for much more than just
SSL/TLS.  There may also be people who actually want to use it for
legacy reasons as well.

Had it not been patented, I doubt it would have ever been disabled in
the first place.

> Note that MD5 (and SHA-1) only has a problem with collision attacks,
> as far as I know it's still considerd safe against a preimage attack.
> But I would still suggest moving to SHA-2.

RC4 is insecure however it's used, and yet we still enable it.  It is
insecure in WEP/WPA, TLS, as a PRNG, and pretty much however else you
slice it.  In fact, it's worse than MD5, because there isn't a secure
way to use it, even if you drop the beginning of the keystream.

This is a separate bug, though, which I will open shortly.

-- 
brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-openssl-devel/attachments/20131101/b68a0005/attachment.sig>