Date:      Mon, 7 Oct 2013 16:17:34 -0700
From:      John-Mark Gurney <jmg@funkthat.com>
To:        Gleb Kurtsou <gleb@freebsd.org>
Cc:        freebsd-current@freebsd.org, delphij@freebsd.org, Kris Moore <kris@pcbsd.org>
Subject:   Re: Committing PEFS to CURRENT
Message-ID:  <20131007231734.GY56872@funkthat.com>
In-Reply-To: <20131007163111.GB1590@reks.swifttest.com>
References:  <20131007163111.GB1590@reks.swifttest.com>

Gleb Kurtsou wrote this message on Mon, Oct 07, 2013 at 09:31 -0700:
> Patch is available here:
> https://github.com/glk/freebsd-head/commit/b4d2c4a5f42f88fdd07cb75feba3467e4d4c043c.patch

Is there a reason you are writing your own AES-NI implementation instead
of using the OpenCrypto framework?

I updated the kernel's AES-NI implementation to have a very fast
AES-XTS...   Upon looking at your implementation, you have a very
slow implementation as you do not pipeline AES-XTS at all...  Please
switch to using the opencrypto version..  You'll then be able to make
use of any accelerators that other platforms may have...

Are there plans to add authentication to this scheme?  See that as a
todo, but w/o authentication, you can't store anything reliably on it..
And w/ XTS, the attacker can take pot shots at your file in 16 byte
chunks...

The only reason I'm running zfs on geli w/o authentication is that I'm
using a 256-bit checksum, so the chances of someone modifying two blocks
to fool zfs into decrypting the correct new checksum value for their
modified block is very small...  In short, I'm trusting zfs to do the
authentication for me...

-- 
  John-Mark Gurney				Voice: +1 415 225 5579

     "All that I will do, has been done, All that I have, has not."

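Added example, not part of the original e-mail or of the PEFS or FreeBSD code: a sketch of why unauthenticated XTS lets ciphertext be altered one 16-byte block at a time, and how a 256-bit checksum kept by the layer above catches it. Assumptions: a SHA-256-based Feistel permutation stands in for AES so that only the standard library is needed, ciphertext stealing is omitted, the checksum is modelled as a value the upper layer already holds, and the keys, sector number and data are constructed.

```python
import hashlib

BLOCK = 16  # XTS works on 16-byte cipher blocks

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key, rnd, half):  # Feistel round function (stand-in, not AES)
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]

def toy_block(key, blk, decrypt=False):
    """Toy 128-bit block permutation: 4-round Feistel, stands in for AES."""
    l, r = blk[:8], blk[8:]
    if decrypt:
        for rnd in (3, 2, 1, 0):
            l, r = _xor(r, _f(key, rnd, l)), l
    else:
        for rnd in range(4):
            l, r = r, _xor(l, _f(key, rnd, r))
    return l + r

def _mul_alpha(t):
    """Multiply the tweak by x in GF(2^128), little-endian as in XTS."""
    n = int.from_bytes(t, "little") << 1
    if n >> 128:
        n = (n & ((1 << 128) - 1)) ^ 0x87
    return n.to_bytes(16, "little")

def xts(k1, k2, sector, data, decrypt=False):
    """XTS structure without ciphertext stealing: C_j = E(P_j ^ T_j) ^ T_j."""
    if len(data) % BLOCK:
        raise ValueError("whole 16-byte blocks only in this sketch")
    tweak = toy_block(k2, sector.to_bytes(16, "little"))
    out = b""
    for i in range(0, len(data), BLOCK):
        out += _xor(toy_block(k1, _xor(data[i:i + BLOCK], tweak), decrypt), tweak)
        tweak = _mul_alpha(tweak)
    return out

def tamper_demo():
    k1, k2 = b"K1" * 8, b"K2" * 8  # constructed keys
    plain = b"".join(bytes([65 + i]) * BLOCK for i in range(4))  # constructed data
    stored_sum = hashlib.sha256(plain).digest()  # 256-bit checksum from the layer above
    ct = bytearray(xts(k1, k2, 7, plain))
    ct[20] ^= 0x01  # one flipped bit inside ciphertext block 1
    got = xts(k1, k2, 7, bytes(ct), decrypt=True)
    damaged = [i // BLOCK for i in range(0, len(plain), BLOCK)
               if got[i:i + BLOCK] != plain[i:i + BLOCK]]
    return damaged, hashlib.sha256(got).digest() == stored_sum
```

`tamper_demo()` returns the indices of the plaintext blocks that changed and whether the stored checksum still matches. Decryption itself raises no error, so only the checksum comparison reveals the change.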

