#cryptography

Modernizing Linux kernel cryptography API

lwn.net · ⭐️ 8/10 · 2026-07-08

8/10

At the 2026 Linux Security Summit North America, Eric Biggers presented ongoing efforts to replace the traditional Linux kernel crypto API with new library APIs that are safer and simpler to use. This modernization reduces complexity and potential security bugs in kernel cryptography, benefiting all kernel subsystems that rely on encryption, hashing, and authentication. The traditional crypto API, introduced in 2002, has become complex, slow, and poorly optimized for modern CPU-based acceleration, leading to maintenance and performance issues.

OpenSSH 10.4 was released, adding experimental support for a composite post-quantum signature scheme combining ML-DSA 44 and Ed25519. Additionally, on Linux, sshd will now refuse to start if SECCOMP or NONEWPRIVS sandbox features are not enabled. This is significant because SSH is a critical infrastructure tool used for secure remote access worldwide; post-quantum signature support future-proofs SSH against potential quantum computer attacks. The stricter sandbox enforcement improves security by ensuring sshd runs in a confined environment, reducing the impact of potential vulnerabilities. The post-quantum signature scheme follows an IETF draft and combines ML-DSA 44 (a NIST-standardized lattice-based algorithm) with Ed25519. On Linux, if sshd is compiled with sandbox support and the system lacks SECCOMP or NONEWPRIVS, the daemon will now fail to start instead of merely logging an error.