Linux Kernel 4.20 to drop NSA-developed Speck Algorithm

Linux kernel is one of the most common kernels found underlying operating systems. Its latest released version is 4.18.5 and its most recent preview is of the 4.19-rc2 version. With those two versions shining under the spotlight, news has emerged that in the kernel’s version 4.20, the developers are going to remove the Speck security algorithm designed by NSA which was employed in the kernel previously. This comes after news of the International Organization for Standardization rejecting the algorithm at a meeting

When it comes to building bigger and better devices, especially ones designed to cater to all needs under a single hood, device security and encryption become of the utmost essence. In the context of operating systems, this means that the kernel cores need to be made impenetrable and unable to be compromised so that the everything built atop the kernel is kept safe and steady.

For this purpose, although security analysts have long had reservations about the Simon and Speck cryptographic algorithms developed by the NSA, Google chose to employ Speck in the company’s Android Go devices. These devices did not have AES encryption which tends to come with the ARMv8 chips. The device came with the ARMv7 chip instead which meant that it needed another layer of added protection due to the lack of AES instruction definitions. This security mechanism was first introduced in Google’s products in the Linux kernel version 4.17.

The reason Speck is considered to be an untrustworthy security algorithm is because it failed to answer particular design and procedure related questions before the ISO. In addition to this, the NSA has a long-standing history of developing controllable or penetrable algorithms for security that NSA can exploit or use in its own interest to receive information at the back end. Speck is expected to be removed from the Linux kernel v4.20. It is expected to remain in previous versions including v4.17, v4.18, and v4.19.

Google has long worked with XChaCha algorithm, using it as the default encryption on its lower-end devices. Google also used ChaCha for its chrome browser in the case of the local device not supporting AES crypto accelerators. This security algorithm is considered to be quicker, more secure, and far better reputed than Speck. This makes one wonder why Google didn’t employ the XChaCha algorithms in all of its products to begin with. Google is now expected to use and adapt the XChaCha algorithm into its own development called HPolyC.


Close