-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Formally deprecate the DES module #7024
Comments
TDES is still widely accepted and used within payment industry (PCI etc). Although a migration to AES/ECC is being considered and planned, also in light of future PQC crypto algorithms, it is still part of the requirements. Therefore, making the API deprecated (or rather say 'not recommended for new designs') is maybe ok but removing the support completely might have an impact. |
Note: |
It's too late to announce DES as deprecated in Mbed TLS 3.x. But since more time has passed, we are considering completely removing DES in Mbed TLS 4. |
Triple-DES (a.k.a 3DES a.k.a. DES3) is on its way out. NIST SP 800-131A disallows TDEA encryption after 31 December 2023 (decryption of legacy data remains allowed). 3DES was widely deprecated for TLS after Sweet32 in 2016, and we removed 3DES in TLS in Mbed TLS 3.0. Today, the main use of (3)DES in Mbed TLS is to support encrypted PEM files.
Currently (as of Mbed TLS 3.3.0), we have warnings in the documentation saying not to use single-key DES. Our plans regarding DES and 3DES are:
The goal of this task is to deprecate DES (including 3DES). That is:
\deprecated
Doxygen directive. (enum
constants might be excluded from\deprecated
if that's a problem, because we don't exclude them from the build.)MBEDTLS_DEPRECATED
annotation.MBEDTLS_DEPRECATED_NUMERIC_CONSTANT
(orMBEDTLS_DEPRECATED_STRING_CONSTANT
if applicable).This may require tweaking some CI scripts to disable
MBEDTLS_DES_C
when testing withMBEDTLS_DEPRECATED_WARNING
orMBEDTLS_DEPRECATED_REMOVED
.The text was updated successfully, but these errors were encountered: