WelcomeWelcome | FAQFAQ | DownloadsDownloads | WikiWiki

Author Topic: Support for serpent in the default kernel?  (Read 2501 times)

Offline buggy

  • Newbie
  • *
  • Posts: 24
Support for serpent in the default kernel?
« on: April 27, 2009, 02:27:12 PM »
Hi,

could you please add support for Serpent in the default kernel? There are a lot of people preferring this algorithm over the others and it also wouldn't make TC much bigger.

Thanks!

Offline curaga

  • Administrator
  • Hero Member
  • *****
  • Posts: 10957
Re: Support for serpent in the default kernel?
« Reply #1 on: April 28, 2009, 08:44:48 AM »
Are you talking about the encryption chipher for loop-aes (aka for TC 2.x)?

If so, the twofish/blowfish/serpent ciphers can only be built as modules. That means they're pretty easy to build, not requiring kernel changes, so likely would be in an extension; on the other hand, to be available in the early boot, they'd need to be in the base image.

However, adding support by default for more than AES which is considered "good enough" by the majority of the security experts, would just add in size without benefit to most. I think the three extra ciphers should thus be an extension, and to be remastered in by those who need them for cryptohome.

Politics aside, I can build them, but not sure when; if someone has time before, feel free to submit ;)
The only barriers that can stop you are the ones you create yourself.