From: RW
To: freebsd-questions@freebsd.org
Date: Thu, 26 Jul 2012 03:14:50 +0100
Subject: Re: geli - selecting cipher
Message-ID: <20120726031450.5c06dd61@gumby.homeunix.com>
In-Reply-To: <201207260052.q6Q0qdss086796@mail.r-bonomi.com>
X-Mailer: Claws Mail 3.8.1 (GTK+ 2.24.6; amd64-portbld-freebsd8.3)

On Wed, 25 Jul 2012 19:52:39 -0500 (CDT) Robert Bonomi wrote:

> > From owner-freebsd-questions@freebsd.org Wed Jul 25 14:00:27 2012
> > Date: Wed, 25 Jul 2012 20:57:30 +0200 (CEST)
> > From: Wojciech Puchar
> > To: freebsd-questions@freebsd.org
> > Subject: geli - selecting cipher
> >
> > I need high speed disk encryption (many disks running in parallel,
> > lots of data movement). I have a processor with AES-NI.
> >
> > geli gives 150MB/s performance (tested from/to md ramdisk) using
> > the default and recommended AES-XTS
> >
> > and ca 400MB/s read and 700MB/s write using AES-CBC.
> >
> > I'm not a cryptography expert; is CBC somehow "less secure", and if
> > so is it really a problem?
>
> If you "don't know" what strength encryption you need, and/or the
> difference between the methods, you need to hire a data-security
> professional to examine your situation and make recommendations
> appropriate for _your_ needs.
>
> 'CBC' -- [C]ypher [B]lock [C]haining -- is well-suited for strictly
> -sequential- data access. Try reading the blocks of a large (say
> 10gB) file in *reverse* order and see what kind of performance you
> get.
Exactly the same; in geli the encryption is done per sector.

I asked a similar question to the OP's on the geom list and didn't get an answer. Geli doesn't need, and isn't using, any of the advantages of XTS. And CBC in geli is actually equivalent to ESSIV (see the previously linked Wikipedia page).

In the end I went with 128-bit AES-CBC, since it's the fastest setting and Bruce Schneier recommends 128-bit over 256-bit AES as being more secure.
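An added illustration of the two points in the reply above: that per-sector CBC has no sequential dependency (so reverse-order reads cost the same as forward reads), and why an ESSIV-style IV matters compared with using the bare sector number. This is example code written for this page, not geli's source; the IV derivation (sector number encrypted under a SHA-256 hash of the data key), the 512-byte sector size and the 128-bit key are assumptions chosen to match the construction described on the Wikipedia page, not geli's exact implementation, and the key and sector contents are constructed test data.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// Assumed sector size; the construction does not depend on it.
const SectorSize = 512

// IVFunc maps a sector number to a 16-byte CBC IV.
type IVFunc func(sector uint64) []byte

// PlainIV is the naive choice: the IV is just the public sector number.
func PlainIV(sector uint64) []byte {
	iv := make([]byte, aes.BlockSize)
	binary.LittleEndian.PutUint64(iv, sector)
	return iv
}

// EssivIV derives the IV the ESSIV way: the sector number is encrypted under
// a second key (a hash of the data key), so the IV is unpredictable without
// the key. Illustration of the construction, not geli's own derivation.
func EssivIV(key []byte) IVFunc {
	salt := sha256.Sum256(key)
	blk, err := aes.NewCipher(salt[:]) // 32-byte hash -> AES-256 for the IV cipher
	if err != nil {
		panic(err)
	}
	return func(sector uint64) []byte {
		var in [aes.BlockSize]byte
		binary.LittleEndian.PutUint64(in[:], sector)
		iv := make([]byte, aes.BlockSize)
		blk.Encrypt(iv, in[:])
		return iv
	}
}

// EncryptSector runs one CBC chain over one sector. Every sector starts its
// own chain from its own IV, so no sector depends on any other.
func EncryptSector(key []byte, ivf IVFunc, sector uint64, plain []byte) []byte {
	if len(plain) != SectorSize {
		panic("plaintext must be exactly one sector")
	}
	blk, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	out := make([]byte, SectorSize)
	cipher.NewCBCEncrypter(blk, ivf(sector)).CryptBlocks(out, plain)
	return out
}

// DecryptSector is the inverse; it needs only the key and the sector number.
func DecryptSector(key []byte, ivf IVFunc, sector uint64, ct []byte) []byte {
	blk, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	out := make([]byte, SectorSize)
	cipher.NewCBCDecrypter(blk, ivf(sector)).CryptBlocks(out, ct)
	return out
}

// ReverseReadRoundTrips encrypts n sectors in order and decrypts them in
// reverse order; true means every sector came back intact, i.e. backwards
// access needs nothing from the sectors that precede it.
func ReverseReadRoundTrips(key []byte, ivf IVFunc, n int) bool {
	plains := make([][]byte, n)
	cts := make([][]byte, n)
	for i := 0; i < n; i++ {
		plains[i] = bytes.Repeat([]byte{byte(i)}, SectorSize) // constructed sector data
		cts[i] = EncryptSector(key, ivf, uint64(i), plains[i])
	}
	for i := n - 1; i >= 0; i-- {
		if !bytes.Equal(DecryptSector(key, ivf, uint64(i), cts[i]), plains[i]) {
			return false
		}
	}
	return true
}

// FirstBlockWatermark models an attacker without the key who can choose what
// is written to sectors a and b and assumes IV = sector number. Writing P to
// sector a and P xor IV(a) xor IV(b) to sector b makes the first ciphertext
// blocks identical under that IV rule, a detectable mark. Returns true if the
// mark is visible under ivf.
func FirstBlockWatermark(key []byte, ivf IVFunc, a, b uint64) bool {
	pa := make([]byte, SectorSize)
	pb := make([]byte, SectorSize)
	guessA, guessB := PlainIV(a), PlainIV(b)
	for i := 0; i < aes.BlockSize; i++ {
		pb[i] = pa[i] ^ guessA[i] ^ guessB[i]
	}
	ca := EncryptSector(key, ivf, a, pa)
	cb := EncryptSector(key, ivf, b, pb)
	return bytes.Equal(ca[:aes.BlockSize], cb[:aes.BlockSize])
}

func main() {
	key := []byte("0123456789abcdef") // constructed 128-bit key for the demo only
	fmt.Println("reverse read ok:        ", ReverseReadRoundTrips(key, EssivIV(key), 64))
	fmt.Println("watermark with plain IV:", FirstBlockWatermark(key, PlainIV, 7, 8))
	fmt.Println("watermark with ESSIV:   ", FirstBlockWatermark(key, EssivIV(key), 7, 8))
}
```

The reverse-order round trip succeeds with either IV rule, which is the performance point: a CBC chain that is restarted at every sector has nothing to gain from sequential access. The watermark check is the security point: with a sector-number IV the attacker's two chosen sectors share a first ciphertext block, while with the ESSIV-style IV they do not, since the attacker cannot predict the IVs without the key.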