[Cryptography-dev] Deprecating legacy symmetric algorithms

Paul Kehrer paul.l.kehrer at gmail.com
Wed Jan 19 10:26:04 EST 2022


Hi all,

cryptography currently ships numerous legacy symmetric algorithms
that, anecdotally, have very low use. These algorithms have a variety
of security drawbacks when compared to more modern equivalents (namely
AES or ChaCha20) and generally shouldn't be used. We plan to deprecate
them on a long cycle such that users who don't read the mailing list
have a chance to speak up if they have a use case that we should
consider, but we're also reaching out here to solicit opinions.

The algorithms we'd like to deprecate and remove are:
* CAST5
* SEED
* IDEA
* Blowfish

3DES and ARC4 are also legacy (and ARC4 has serious security issues),
but their common use in many scenarios means they will not be
deprecated.

This decision has two primary driving factors: reducing the number of
algorithms that developers need to be aware of to make a reasonable
choice, and lowering our reliance on the "legacy" provider in OpenSSL
3.0.0+ with a goal of eventually removing it entirely.

If you have use cases that require these algorithms please let us know!

-Paul Kehrer (reaperhulk)

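As an added example (not from the post or the cryptography project): a stdlib-only audit script that flags calls to the four algorithms listed above in Python sources, so a codebase can be checked for the use cases Paul asks about before the deprecation lands. The sample source it scans is constructed for the example.

```python
"""Audit Python sources for the symmetric algorithms proposed for deprecation
(CAST5, SEED, IDEA, Blowfish) as exposed by the `cryptography` package.
Example code added here, not part of the post or of cryptography itself;
it uses only the standard library so it runs without `cryptography` installed."""
import ast

LEGACY_ALGORITHMS = {"CAST5", "SEED", "IDEA", "Blowfish"}
ALGOS_MODULE = "cryptography.hazmat.primitives.ciphers.algorithms"


def find_legacy_algorithms(source: str, filename: str = "<string>"):
    """Return sorted (line, algorithm) pairs for every call to a deprecated
    algorithm class, resolving `from ...algorithms import X` (with or without
    an `as` alias) and attribute access such as `algorithms.X(...)`."""
    tree = ast.parse(source, filename)
    aliases = {}  # local name -> canonical algorithm name
    hits = set()
    for node in ast.walk(tree):
        if isinstance(node, ast.ImportFrom) and node.module == ALGOS_MODULE:
            for alias in node.names:
                if alias.name in LEGACY_ALGORITHMS:
                    aliases[alias.asname or alias.name] = alias.name
        elif isinstance(node, ast.Call):
            func = node.func
            if isinstance(func, ast.Name) and func.id in aliases:
                hits.add((node.lineno, aliases[func.id]))
            elif isinstance(func, ast.Attribute) and func.attr in LEGACY_ALGORITHMS:
                # Heuristic: any `<module>.Blowfish(...)`-style call is reported,
                # without resolving which module the attribute belongs to.
                hits.add((node.lineno, func.attr))
    return sorted(hits)


# Constructed sample: one AES user (fine) and two users of legacy algorithms.
SAMPLE_SOURCE = '''\
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.primitives.ciphers.algorithms import Blowfish as BF

def legacy_a(key, iv):
    return Cipher(BF(key), modes.CBC(iv))

def legacy_b(key, iv):
    return Cipher(algorithms.CAST5(key), modes.CBC(iv))

def modern(key, iv):
    return Cipher(algorithms.AES(key), modes.CBC(iv))
'''

if __name__ == "__main__":
    for line, name in find_legacy_algorithms(SAMPLE_SOURCE):
        print(f"line {line}: {name} is slated for deprecation; migrate to AES or ChaCha20")
```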