The Encryption Algorithm in Linux Kernel of NSA is currently creating unease in community with more than 13 million lines of code, the Linux kernel is one of the major open source projects on this planet, and however, what is a kernel and what are its uses?
So What’s The Kernel?
A kernel is the lowest level of quickly expendable software that interfaces with the hardware in your PC. It’s responsible for interfacing all your applications which are running in user mode to the physical hardware, and enabling processes, called servers, to get information from each other using inter-process communication (IPC).
Linux Kernel 4.17 watched the addition of Speck, the controversial encryption algorithm of NSA. Linux Kernel 4.18 will watch Speck being available as a backed algorithm with the script, and not everybody is delighted about it.
Before you panic or form adverse decisions, you need to know that Speck isn’t a backdoor. It’s only an encryption algorithm from American bureau NSA, and it is available as a module in the Linux Kernel.
National Security Agency (NSA) of the US is notorious for being privacy-invasive. The past actions of it cast doubts for every activity it performs.
NSA had also approached Linux creator Linus Torvalds to make a backdoor in Linux kernel. Linus Torvalds denied that offer.
The controversial Speck encryption of NSA is in Linux Kernel 4.17
The algorithm in the problem, Speck, is weak encryption (lightweight block cipher) made for systems with low computing abilities, i.e., IoT devices.
NSA desired Speck and its companion algorithm Simon to become a worldwide standard for the next generation of internet-of-things detectors and gizmos.
NSA attempted to forcefully push this algorithm to an extent which some cryptographer alleged harassment and bullying at the hands of NSA.
The International Organization of Standards (ISO) refused Speck and Simon, and this is the real problem.
ISO blocked NSA’s Simon and Speck calculations amid worries that they comprised a backdoor that would enable US spies to break the encryption.
Though no backdoor was discovered by any researcher in Simon and Speck, ISO rejected the calculations since NSA did not even provide investigators with an average level of technical detail to researchers. The speculation of a backdoor increased in the algorithm.
Then how come it arrived in Linux Kernel 4.17, if ISO rejected Speck algorithm?
The quick answer is Google.
Google engineer Eric Biggers asked the addition of Speck in Kernel 4.17 since Google will give Speck as an alternative for dm-crypt and fscrypt on Android.
The focus is on implementing encryption on Android Go, an Android variant tailored to operate on entry-level Smartphones. As of now, these devices aren’t encrypted because AES is not-fast-enough for the low-end system.
Plenty of speculation from the Linux community over Speck
Alert Linux users observed the addition of Speck from Kernel 4.17, and since that time it has turned into a debate topic in various Linux communities online.
Arch Linux users already began discussions on obstructing the Speck module.
What is intriguing is that by default, the Speck module is off from kernel.org however Arch Linux has turned it on by default. Do not ask me why.
How to disable Speck out of Linux Kernel (Only For Advanced Users)
If you’re a typical Linux user with Ubuntu, Mint, Fedora and other non-rolling launch distributions, possibilities are that you aren’t even using Kernel 4.17.
We do not advise it for everybody but if you’re an advanced user, who’s involved in messing with the kernel, test the Linux kernel version, and if it accepts Kernel 4.17, you might exclude the Speck kernel module.
Create if it does not exist, create/etc/modprobe.d/blacklist.conf and add the following lines to it:
We have not confirmed whether it was the effects of our story here, but it looks like Speck will be removed from the Linux Kernel. Google has now discarded the notion of using Speck for Android Go, and there’s not any point in keeping it because nobody will use this algorithm.
What are your opinions about Speck and its inclusion in Linux Kernel 4.17?
As we have mentioned above that nobody has proved that Speck includes a backdoor. It’s only NSA’s reputation that’s currently causing the speculations.
How do you consider the complete episode?
Do you believe its right to add Speck encryption at the Kernel?
Is it possible to not be disabled by default by all the distributions unless it’s meant to be used on a device?
The Linux 4.17 kernel series has moved to the end of life with the launch of the nineteenth maintenance upgrade (Linux 4.17.19), and it will not receive more updates.
Founded by Linus Torvalds on June 3, 2018, the Linux 4.17 kernel series introduced improved hardware support as a result of the inclusion of support for Intel’s Cannon Lake structure, also, to support for the Nvidia Tegra Xavier chip.
Also, it added AMD Radeon Vega 12 graphics processing units and support for the Andes NDS32 architecture, and several microarchitectures were deprecated by it, including TILE, FR-V, CRIS, M32R, MN10300, SCORE, and Blackfin.
Linux kernel 4.17 also allowed Display Code (DC) support from the open source AMDGPU driver for HDMI sound/audio, additional support for Intel’s High-bandwidth Digital Content Protection (HDCP) digital copy protection, and enhanced power handling.
The life of Linux kernel 4.17 is at the end, update to Linux kernel 4.18
As we know that all great things have to end, Linux kernel 4.17 reached the end of experience using the Linux 4.17.19 maintenance update launched on August 24, 2018. It follows that there will not be any additional updates, so it’s advised to update to Linux kernel 4.18 when feasible.
“I’m announcing the release of the 4.17.19 kernel. Note, this is the LAST 4.17. Y kernel to be released, it is now end-of-life. Please move to 4.18.y at this time,” stated Greg Kroah-Hartman at a mailing list statement. “All users of this 4.17 kernel series should upgrade.”
Linus Torvalds launched Linux kernel 4.18 on August 12, 2018, a release that introduces Specter Variant 1 and 2 moderations for the 32-bit ARM design, and Specter Variant 4 reductions for the ARMv8 and ARM64 (AArch64) architectures.
Also, latest in Linux kernel 4.18 is enhanced support for USB 3.2 connections and USB Type-C, a just-in-time compiler for eBPF programs on the 32-bit (x86) architecture, official assistance for Qualcomm’s Snapdragon 845 ARM SoC, and better discard support for your F2FS file system.
If you’re not able to update to Linux kernel 4.18 by compiling the most recent point release on the kernel.org site, don’t hesitate to ask your operating system vendor to update the kernel packages to the Linux 4.18 kernel series. If you are using a long-term supported kernel, you shouldn’t upgrade.