Linux-Unix

Edge Security Developer Requests Speck Crypto be Pulled From Linux Kernel, as Google Abandoned It

Google recently announced it will not be using the Speck crypto code, which was created for disk encryption on low-end Android devices, but will instead develop “HPolyC” – which uses the ChaCha stream cipher for disk encryption, and overall has a better security notion due to true wide-block nodes.

This has led to a plea submission to remove the Speck code from the mainline Linux kernel from Linux developer Jason Donenfeld (a well-known security researcher and founder of Edge Security, and is the primary developer for WireGuard and the new Zinc crypto library).

In Jason’s “request for comments”, he wrote the following information to Google’s mailing list:

These are unused, undesired, and have never actually been used by anybody. The original authors of this code have changed their mind about its inclusion. Therefore, this patch removes it

Dropping Speck from the kernel would reduce its footprint by around 2,500 lines of code, which is no small number to sneer at.

Aside from removing the Speck crypto code, it would also remove the Speck support for fscrypt that was a new addition in Linux 4.18, and allowed Speck-based EXT4 native file-system encryption.

However, the idea of removing Speck from the latest Linux kernel is not universally agreed on – some say that it may be useful in some verticals, where an efficient (though weaker) encryption implementation may be desired. Its currently speculated though not proven there may be an NSA backdoor within this particular algorithm.

Close