tech-kern archive
Re: Importing libraries for the kernel
On Thu, Dec 13, 2018 at 11:07:23PM +0900, Ryota Ozaki wrote:
> On Thu, Dec 13, 2018 at 6:30 AM Joerg Sonnenberger <joerg%bec.de@localhost> wrote:
> >
> > On Thu, Dec 13, 2018 at 12:58:21AM +0900, Ryota Ozaki wrote:
> > > Before that, I want to ask about how to import cryptography
> > > libraries needed for the implementation. The libraries are
> > > libb2[1] and libsodium[2]: the former is for blake2s and
> > > the latter is for curve25519 and [x]chacha20-poly1305.
> >
> > I don't really have a problem with Blake2s, but I have serious concerns
> > for doing asymmetric cryptography in the kernel. In fact, it is one of
> > the IMHO very questionable design decisions behind WireGuard and
> > something I don't want to see repeated in NetBSD.
>
> Can you clarify the concerns?
Asymmetrical cryptography is slow and complex. On many architectures,
the kernel will only be able to use slower non-SIMD implementations. ECC
still easily requires 10k cycles per operation. The implementation is
non-trivial in terms of code size and historically riddled with tiny
tricky issues ranging from corner cases in the math to timing. I haven't
yet heard a really good argument why the key exchange must be part of
the kernel beyond the inability of the Linux community to coordinate
different projects.
Joerg