There is an embarrassingly long tail of support for obsolete crypto in Linux (MD4!!), which is sometimes hard to isolate and remove, given that software crypto is also exposed to user space via a syscall interface (AF_ALG):
RC4
MD4
MD5
Anubis
Khazad
SEED
TEA
Note that MD4 really takes the cake here: it was already found to be broken in 1991 (which was the year Linus first started working on Linux), but it is still used today in SMB authentication (although not as a critical cryptographic component [supposedly]).
[ ] write proposal for deprecation schedule
[ ] make various old algos unavailable for use from userspace
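An audit sketch for the userspace exposure described above, added here as an example and not part of the original issue or of any kernel tooling: it flags the listed algorithms in `/proc/crypto` text and probes whether each can be bound through AF_ALG. The kernel names (RC4 as `arc4`), the `ecb(...)` wrapping for the block ciphers, the status strings and the sample text are assumptions of this example.

```python
import re
import socket

# Kernel crypto API names for the algorithms listed above (RC4 is "arc4").
# The AF_ALG (type, name) pair chosen per algorithm is this example's assumption.
OBSOLETE = {
    "arc4": ("skcipher", "ecb(arc4)"), "md4": ("hash", "md4"),
    "md5": ("hash", "md5"), "anubis": ("skcipher", "ecb(anubis)"),
    "khazad": ("skcipher", "ecb(khazad)"), "seed": ("skcipher", "ecb(seed)"),
    "tea": ("skcipher", "ecb(tea)"),
}

# Constructed sample in /proc/crypto layout, not captured from a real host.
SAMPLE_PROC_CRYPTO = """\
name         : md4
driver       : md4-generic
type         : shash

name         : ecb(arc4)
driver       : ecb(arc4)-generic
type         : skcipher

name         : sha256
driver       : sha256-generic
type         : shash
"""

def registered_obsolete(proc_crypto_text):
    """Return the sorted obsolete base algorithms registered in the text."""
    found = set()
    for name in re.findall(r"^name\s*:\s*(\S+)$", proc_crypto_text, re.M):
        # Template names such as "ecb(arc4)" or "hmac(md5)" are split into parts.
        found.update(p for p in re.split(r"[(),]", name) if p in OBSOLETE)
    return sorted(found)

def probe_af_alg(base):
    """Try to bind an AF_ALG socket to the algorithm and report the outcome.
    Caveat: a bind can make the kernel autoload the algorithm's module."""
    family = getattr(socket, "AF_ALG", None)  # absent on non-Linux builds
    if family is None:
        return "blocked_or_unsupported"
    try:
        with socket.socket(family, socket.SOCK_SEQPACKET, 0) as s:
            s.bind(OBSOLETE[base])
        return "reachable"
    except FileNotFoundError:  # ENOENT: algorithm not available to userspace
        return "not_available"
    except OSError:  # no AF_ALG support, or denied by policy
        return "blocked_or_unsupported"

if __name__ == "__main__":
    print(registered_obsolete(open("/proc/crypto").read()))
    print({base: probe_af_alg(base) for base in OBSOLETE})
```

`/proc/crypto` only shows algorithms that are currently registered, so the AF_ALG probe is the check that reflects what userspace can actually reach.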