This documents the libraries available in Fedora (and RHEL), and adds text on getrandom().
There are some concerns about GCM mode—it is difficult to implement in software (so it generally favors attackers), and nonce reuse is an issue.
Do we really want to recommend it over CBC mode?
I think you are right. CBC is far safer to misuse than anything else we have so far. I've added, however, both chacha20 and gcm to a special category of safe to use if...
I've also recommended AES-256 instead of 128 due to possible future post-quantum threats.
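As an added illustration of the "safe to use if..." condition for GCM discussed above (my own example, not code from this pull request or from the Fedora/RHEL documentation), the Go wrapper below enforces the one rule GCM cannot survive without: a nonce that never repeats under a key. It takes a per-key random fixed field from crypto/rand (getrandom(2) on Linux), appends a 64-bit counter, accepts only 32-byte AES-256 keys, and fails closed when the counter is exhausted; `Sealer` and its methods are hypothetical names.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
)

// Sealer is a hypothetical AES-256-GCM wrapper that never emits the same nonce
// twice under one key: nonce = 4 random bytes fixed per key || 64-bit counter.
type Sealer struct {
	aead   cipher.AEAD
	prefix [4]byte
	count  uint64
}

func NewSealer(key []byte) (*Sealer, error) {
	if len(key) != 32 {
		return nil, errors.New("AES-256-GCM requires a 32-byte key")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	s := &Sealer{aead: aead}
	// crypto/rand is backed by getrandom(2) on Linux.
	if _, err := rand.Read(s.prefix[:]); err != nil {
		return nil, err
	}
	return s, nil
}

// Seal returns nonce || ciphertext || tag; on counter exhaustion it fails closed so the key is rotated, never a nonce reused.
func (s *Sealer) Seal(plaintext, aad []byte) ([]byte, error) {
	if s.count == ^uint64(0) {
		return nil, errors.New("nonce counter exhausted: rotate the key")
	}
	nonce := make([]byte, 12) // GCM's standard 96-bit nonce
	copy(nonce, s.prefix[:])
	binary.BigEndian.PutUint64(nonce[4:], s.count)
	s.count++
	return s.aead.Seal(nonce, nonce, plaintext, aad), nil
}
```

The receiver decrypts with `cipher.NewGCM` and `Open(nil, msg[:12], msg[12:], aad)`; any modified byte makes the tag check fail before plaintext is released.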
rebased
You completely dropped AES-128, which doesn't seem right. It's unclear whether AES-128 or AES-256 is stronger, but better (still theoretical) attacks on AES-256 have not materialized in the meantime, so maybe we can move AES-256 up a notch.
I dropped AES-128 because it is considered insecure under quantum computers. "Grover's algorithm could brute-force a 128-bit symmetric cryptographic key in roughly 2^64 iterations" https://en.wikipedia.org/wiki/Grover%27s_algorithm
I can bring it back, but I think it makes sense to keep that list future-proof.
Pull-Request has been closed by mjahoda