Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

Linux 6.2 fscrypt file system encryption framework adds support for China's SM4 block cipher standard

2025-04-02 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > IT Information >

Share

Shulou(Shulou.com)11/24 Report--

CTOnews.com, December 13, in order to avoid the tight time before and after the holiday, many pull requests entered the Linux 6.2 merge window ahead of time. Citing foreign science and technology media phoronix reported that the fscrypt file system encryption framework added support for China's SM4 block cipher standard.

CTOnews.com learned that the fscrypt file system encryption framework manages metadata, key generation, key wrapper, PAM integration, and provides a unified interface for creating and modifying encrypted directories.

SMS4 is the block cipher standard adopted in WAPI, which is the standard of WLAN in our country, and then adopted by the commercial cryptographic standard of our country, also known as SM4 (SM is the abbreviation of "quotient secret". Other commercial secret standards published at present include SM2 elliptic curve public key cryptography and SM3 cryptographic hash algorithm).

The key length and packet length of SMS4 are 128bits, and its design security is the same as that of AES-128, but some cryptanalysis in recent years show that the security of SMS4 is slightly weaker than that of AES-128. Because the key length of SMS4 is fixed at 128bits and does not provide a longer optional key length, SMS4 is not suitable for protecting data that needs to be kept secret for a long time, such as confidential documents that take 50 years to decrypt.

The Linux kernel already provides an optimized implementation of SM4 passwords, and in Linux 6.2, an optional SM4 option is planned to be added to the FSCRYPT framework for file system encryption. FSCRYPT allows file encryption through generic API of EXT4, UBIFS, F2FS, and so on.

CTOnews.com learned that it was Alibaba who was responsible for supporting FSCRYPT SM4. When asked about the benefits of adding SM4 to FSCRYPT, Alibaba explained:

We want to provide users with the ability to encrypt disks and files using SM4-XTS, the ability to sign SM2/3, and the ability to use TLS's SM4-GCM / CCM (of course, this belongs to other parts), and a considerable number of users need these features.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

IT Information

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report