On 02/10/2024 11:39, Lynne via ffmpeg-devel wrote:
On 02/10/2024 11:06, Kumar, Rahul via ffmpeg-devel wrote:
Thank you for the prompt response.
The primary reason for removing Blowfish from our codebase is to
comply with modern security guidelines and industry standards that
discourage the use of outdated cryptographic algorithms, like
Blowfish, due to their vulnerabilities.
Given that av_blowfish* is part of the public ABI/API of libavutil, I
understand the potential issues with breaking compatibility. As for
rtmpcrypt, I appreciate the information regarding its dependence on
Blowfish.
I have a couple of questions and suggestions that I would like to
discuss further:
Would it be feasible to introduce a compile-time configuration option
that makes Blowfish support optional within FFmpeg? This would allow
projects with stricter security requirements to exclude Blowfish while
preserving backward compatibility for others.
Alternatively, would the FFmpeg community be open to discussing
replacing Blowfish with a more secure, modern algorithm as part of a
future release plan?
Any thoughts or recommendations would be greatly appreciated.
Thanks again for your guidance.
Thanks,
Rahul Kumar
-----Original Message-----
From: Michael Niedermayer <mich...@niedermayer.cc>
Sent: Wednesday, October 2, 2024 3:23 AM
To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Cc: Kumar, Rahul <rahul.kum...@honeywell.com>
Subject: [External] Re: [FFmpeg-devel] Question Regarding Removal of Blowfish from libavutil in FFmpeg
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
rtmpcrypt uses blowfish. If you don't want the blowfish code to be used
in the final build, just don't build rtmpcrypt. LTO will strip the code
off anyway.
It's public API, so it won't.
We can't remove it. It's part of the rtmpcrypt spec.
The presence of unused code is also not a security issue. Stuff doesn't
magically use blowfish just because there is an implementation flying
around somewhere.
Removing it for security is compliance theater.